1 to 25 of 384 Permanent Incident Response Jobs in the UK

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering both emergency response services and proactive incident readiness engagements. When not leading live cyber incidents, you will work closely with organisations to strengthen their preparedness. This includes reviewing ...

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice. This is a senior, client-facing role within a highly regarded cyber security team, delivering both emergency response services and proactive incident readiness engagements. When not leading live cyber incidents, you will work closely with organisations to strengthen their preparedness. This includes reviewing ...

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’ Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology. Our goal … unauthorized access, malicious code. Job Summary This role serves as a critical leader within the global CERT and DFIR team, managing end-to-end incident response operations, including detection, analysis, containment, and remediation of security incidents. The position oversees the development and execution of incident response ...

Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics … option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more . The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including ...

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber attacks with proven defensive methodology … Tier 2 case resolution, resolving complex security cases including generating initial reporting, providing follow-ups and requesting information and resolution activity. Day to day incident tirage and escalation using contextual and threat intelligence Responsible for providing security expertise to escalated incidents Act as the incident handler ...

This CIRT L3 Lead role is a hands-on leadership position responsible for end-to-end cyber incident response, proactive threat hunting, and detection engineering in Rapid7 InsightIDR for a retail-focused environment My client is an international Consultancy firm, specialising in Cyber Security looking for a hands … Cyber Incident Response Tech Lead , responsible for end-to-end cyber incident response, proactive threat hunting, and detection engineering in Rapid7 InsightIDR for a retail-focused environment. You will coordinate cross-functional technical teams during major incidents, drive containment and recovery, and own post-incident ...

days per week onsite) Competitive Salary Role details: Our client, a prominent organisation within the defence and security sector, is seeking a skilled Incident Responder to join their team in Stevenage or Bolton. This role is focused on leading digital forensics and incident response activities, while also … advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR) activities, maintaining lab readiness ...

days per week onsite) Competitive Salary Role details: Our client, a prominent organisation within the defence and security sector, is seeking a skilled Incident Responder to join their team in Stevenage or Bolton. This role is focused on leading digital forensics and incident response activities, while also … advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR) activities, maintaining lab readiness ...

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring … Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum ...

Principal Consultant - Incident Response Salary: Up to £85,000 + £4,700 cash benefits Location: London, Cardiff, Manchester, Birmingham or Edinburgh Working pattern: Hybrid - 2-3 days per week in the office About the Role Our client is seeking an experienced Principal Consultant to join their Incident Response practice click apply for full job details ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

Entra, and related cloud environments to ensure security, reliability, and performanceincluding patching and maintaining EC2 instances and other cloud resources. Respond to and support incident management, troubleshooting, outage management, and root cause analysis for cloud platform issues, collaborating with DevOps and development teams as needed. Contribute to automation … runbooks, and knowledge base articles to support operational excellence and knowledge sharing. Continuously improve and update infrastructure and application alerts, ensuring rapid detection and response to issues before they impact customers. Manage and maintain cloud platform access, parameters, tokens, and permissions, supporting secure onboarding and offboarding of users ...

strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner! About the role: The Cyber Security Incident Response Specialist would be member of CSIRT, part of Counter Threat & Engineering (CT&E) function, responding to cyber threats and security incidents globally. … relocation Remote Type: This position is a hybrid of office/remote working Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment ...

transformation of our global Security Operations Center. Reporting to the Chief Security Officer, you will architect and scale a next-generation SOC advancing incident response, integrating cutting-edge threat intelligence, and strengthening the systems that protect and sustain our digital operations. This is an opportunity to build something … senior escalation point for complex security incidents and coordinate cross-functional responses. Threat and Vulnerability Management Integrate advanced threat intelligence into detection and response workflows to identify emerging threats proactively. Develop an automated, risk-based vulnerability management programme to reduce attack surface. Collaborate with intelligence-sharing communities to enhance ...

highly client-facing role where you will guide businesses through practical resilience improvements, including: • Designing and delivering cyber crisis simulation exercises • Developing and enhancing incident management and response frameworks • Conducting capability and readiness reviews • Advising senior leadership teams on cyber preparedness strategy You will lead engagements from initial … scoping through delivery, working closely with executive stakeholders and technical teams to provide clear, actionable recommendations that improve response capability and organisational resilience. Those with a background in reactive Incident Response (either in-house or from Consulting already), who are wanting to move into an advisory ...

Overall Package The role Join a leading financial services client as a Cyber Threat Specialist (Blue Team) and help strengthen a critical Threat Detection & Response function. You will be a key member of the Threat Detection & Response team, focusing on defensive security across complex, business-critical environments. Working … optimise high-fidelity detections, investigate incidents, and contribute to continuous improvement of cyber defences. What you'll be doing Deliver hands-on detection engineering, incident response, threat hunting, security engineering and threat intelligence activities. Investigate and respond to security incidents across host, identity, email, SaaS and cloud workloads. ...

users. We are looking for a Cyber Security Engineer to join our IT Security team and play a key role in security operations, incident response, vulnerability management and the ongoing development of our security posture. This is a hands-on role for a driven security professional who enjoys … organisation. Key responsibilities Monitor, investigate and respond to cyber security incidents using SIEM, EDR/MDR and other security tooling Perform deep-dive incident analysis across multiple log sources to identify root cause, indicators of compromise (IoCs) and remediation actions Conduct proactive and reactive threat hunting activities Manage vulnerability ...

users. We are looking for a Cyber Security Engineer to join our IT Security team and play a key role in security operations, incident response, vulnerability management and the ongoing development of our security posture. This is a hands-on role for a driven security professional who enjoys … organisation. Key responsibilities Monitor, investigate and respond to cyber security incidents using SIEM, EDR/MDR and other security tooling Perform deep-dive incident analysis across multiple log sources to identify root cause, indicators of compromise (IoCs) and remediation actions Conduct proactive and reactive threat hunting activities Manage vulnerability ...

security incidents for our customers using Microsofts leading security technologies. Youll work closely with senior analysts and engineers, playing a key role in incident response while also contributing to the continuous improvement and evolution of our SOC services. About The Role As a Security Operations Analyst, you will … Provide day-to-day monitoring and initial response for SOC customers in line with Intercitys Security Incident Response Framework. Investigate alerts generated by Microsoft Sentinel and Microsoft Defender for 365, identifying true positives and responding appropriately. Analyse multiple security data sources to detect malicious activity and support ...

drive improvements to tools, processes, automation, and reporting to enhance programme maturity. Stay current with emerging vulnerabilities, zero-day threats, and vendor advisories. Support incident response activities where vulnerabilities are linked to potential security events. What Youll Bring Proven experience in vulnerability management, cyber security operations … SIEM, SOAR, EDR, and associated security tooling. Strong analytical skills with the ability to translate technical risk into clear, executive-level reporting. Experience supporting incident response and investigations. Excellent stakeholder management skills, with the confidence to challenge and influence both technical and non-technical teams. Strong understanding ...

define enterprise-wide security strategy, and ensure resilience across all technology environments during a time of rapid change.You'll oversee governance, architecture, operations, and incident response, while working closely with senior leadership to safeguard critical systems, data, and digital services. Acting as a trusted advisor, you'll translate … drive a global information security strategy aligned to organisational priorities and risk appetite. Lead multidisciplinary teams spanning governance, risk, compliance, architecture, operations, and incident response. Embed recognised frameworks such as ISO 27001, NIST CSF, NIS2, and DORA into policies, processes, and technology platforms. Oversee security operations, including monitoring, threat ...

operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems Perform threat hunting and develop detection use cases Manage … vulnerability assessments and remediation efforts Maintain and optimise DLP tools and incident response Support forensic readiness and insider risk initiatives Develop and enforce security policies and awareness programs Lead incident response and produce investigation reports Utilise and enhance Microsoft Security Stack (Sentinel, Defender, Purview) Drive Zero ...

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring ...

Infrastructure-as-Code (Bicep/Terraform) Secure Kubernetes environments and CI/CD pipelines Develop and tune detections in Microsoft Sentinel (KQL) Lead incident response and threat hunting activities Manage vulnerabilities, logging, and monitoring Skills & Experience 3+ years in security engineering or SecOps Hands-on Azure security (Defender … Cloud, Azure Policy) SIEM experience (Sentinel preferred) Strong incident response capability Scripting/automation skills (PowerShell, Python, KQL) Knowledge of network security and cloud architecture Azure security certifications beneficial Active SC or DV clearance (must be eligible for DV) This is a great opportunity to help maintain ...

role in strengthening cyber resilience and protecting critical enterprise systems. This is a hands-on operational security role focused on threat detection, incident response and continuous improvement of security monitoring capabilities. The position of Cyber Security Analyst is suited to an experienced security professional who thrives in fast … alerts across SIEM platforms and ticketing systems, managing incidents through to resolution Participate in an on-call rota to support live security incidents Manage incident queues and approvals within IT service management tools Act as a subject matter expert for nominated security technologies, ensuring effective configuration and optimisation Support ...