1 to 25 of 278 Permanent Incident Response Jobs in the UK

Senior Incident Response Manager (SOC) London/WFH to £120k Do you have expertise in the field of Incident Response, Cyber Security Operations or Digital Forensics? You could be progressing your career in a senior, hands-on leadership role at the Investment Management … global bank. As a Senior Incident Response Manager you will continuously develop a high performance technical response team and lead the Incident Response efforts, overseeing the end-to-end incident response lifecycle, from detection and containment to eradication, recovery and post incident ...

Incident Response Manager Hybrid We are partnering with a leading global financial services organisation to appoint a Incident Response Manager to join their high-profile Cyber Threat Centre (CTC). This is a critical leadership role at the forefront of defending against sophisticated cyber adversaries, including … nation states and organised criminal groups. As the central hub for Computer Network Operations, the CTC drives incident response, threat hunting, intelligence, and insider threat detection across the organisation. This role offers the opportunity to shape strategy, lead a globally distributed team, and work with cutting-edge technologies ...

Incident Response Engineer (MDR SIEM SOAR AWS) Remote UK to £80k Are you a tech savvy Senior Security Engineer with strong Incident Response experience? You could be progressing your career in a senior, hands-on Senior Security Engineer role as part of a friendly and supportive … strengthening EDR/XDR and DLP configurations, defining new automatic detections of security events in the SIEM, improving automatic security alerts triage and Incident Response playbooks, defining the runbooks to be used during Incident Response and leading the execution of Table Top Exercises (TTX) with different ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Description: Mandatory Skills: Security Log Monitoring Job Title: Cyber Incident Management Analyst Role Overview The Cyber Incident Management Analyst is responsible for coordinating and managing the response to information security incidents across the organisation. The role ensures incidents are assessed, contained, investigated, escalated, and closed in accordance … regulatory obligations. The role requires improvements in current processes and there is a requirement to link with all areas of the business. Key Responsibilities Incident Coordination & Response • Triage, assess, and manage cyber security incidents from initial detection through to closure. • Lead incident response activities, including containment ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Security Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Analyst, you’ll act as a senior escalation point within a 24/7 SOC, leading complex investigations and driving incident response activities. You’ll work closely with threat intelligence, engineering, and client teams to continuously improve detection and response capabilities. Key Responsibilities Act as the final … escalation point for security incidents and alerts Lead and coordinate incident response for high-severity threats Perform advanced threat hunting and forensic investigations Analyse logs from SIEM, EDR, NDR, and cloud security tools Develop and refine detection rules and use cases Support SOC maturity improvements and playbook development ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

user environments. The role You will work closely with security, infrastructure, and architecture teams to design and improve secure technology environments, support incident response, and help drive a security-by-design approach across the wider estate. This role will suit someone with strong experience across Microsoft Sentinel & M365 … user environments Hands-on work with Microsoft Sentinel, M365 Defender , Defender for Cloud, Entra ID, and Conditional Access Supporting the SOC with incident response, vulnerability remediation and escalation Automating repeatable security tasks and improving operational efficiency Supporting compliance requirements, including PCI-DSS Acting as a senior point ...

lead the operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance … manage the daily operations of the internal Security Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response ...

ensuring the organisation's systems, networks, and data remain protected against evolving cyber threats. As the SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with … daily operational activities and performance. Define and implement the strategy and operational roadmap for security monitoring, detection, and response. Own and manage the security incident response lifecycle, including investigation, containment, remediation, and post-incident reviews. Lead incident response efforts during high-severity security events ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £100,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat ...

tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). What we are looking for Key Responsibilities: Serves as a senior member … optimization of enterprise security platforms, overseeing lifecycle management including break-fix, patching, version upgrades, and integration with broader security ecosystems. Directs complex security incident response efforts across multiple vectorsendpoint protection, EDR, malware analysis, network and computer forensicsensuring rapid containment and root cause analysis. Designs and executes advanced vulnerability ...

Developer Role Candidates in this role are responsible for the development and maintenance of the code and capabilities of the Security Orchestration, Automation and Response (SOAR) platform. Candidates will work with the Manager of Detection & Response Engineering and will work jointly with our detection engineering, threat detection … response teams to specify clear priorities, evaluate technical tradeoffs, and build high-impact features within the SOAR platform. The candidates' main responsibilities will be to: Focus on the development, maintenance, and delivery of new Security Orchestration and Automation content including custom SOAR Playbooks, Automations/Scripts, Jobs, dashboards, reports ...

Incident Response Engineer (MDR SIEM SOAR AWS) Remote UK to £80k Are you a tech savvy Senior Security Engineer with strong Incident Response experience? You could be progressing your career in a senior, hands-on Senior Security Engineer role as part of a friendly and supportive ...

with global impact upon Colt, business units, partners, and customers. While working as part of this team, the successful individual will provide world class incident response functions to detect, protect, respond, and sustain operations within cyberspace. What you will do Support SOC Manager to deliver the followingSIEM … activities, Technology escalation support, Security Solution assessment, build activities , existing Service maturing and Build activities assist Analyse potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach Establishing and governing the security incident response processes, investigations and security operational processes. Maintenance and enhancement ...

security environment. The successful consultant will play a key role in strengthening the organisation’s security operations capability, helping to modernise threat detection, automate response workflows, and improve visibility across the security ecosystem. Key Responsibilities Lead the implementation and configuration of Palo Alto XSIAM within an enterprise SOC environment … Design and optimise full-spectrum XDR capabilities, improving detection and response across endpoints, networks, and cloud workloads Integrate SIEM and security telemetry sources into XSIAM to create a unified security operations platform Develop and maintain automation workflows and playbooks to streamline incident response and reduce manual ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

Lead SOC Analyst, the position will act as the escalation point for complex security incidents, driving investigations, guiding junior analysts, and ensuring effective response and remediation across critical systems. Whats on Offer Salary: £55,000 £65,000 25% shift allowance on top of base salary Structured shift pattern … days and nights (3 days on/4 days off rotation) Exposure to highly secure, cutting-edge infrastructure environments Opportunity to work on advanced incident response and threat analysis Career progression within a specialist cyber security function What You Need To be successful in this role, candidates should ...

with hybrid identity, AAD Connect, and secure authentication methods (MFA, SSO). Familiarity with privileged access management (PAM) or PIM solutions. Strong troubleshooting and incident-response skills. Soft Skills Strong communication skills and ability to work with business stakeholders. Strong communication skills with the ability to interact with … PowerShell and Microsoft Identity solutions. Manage service accounts, privileged accounts, and password policies. Work with HR and application teams to streamline identity lifecycle operations. Incident Response & Troubleshooting Investigate authentication failures, account lockouts, replication issues, and access anomalies. Support incident response for identity related threats such ...

strong security posture across mission‐critical systems. You will operate within a 24/7 Security Operations Centre , leading your assigned shift, coordinating incident response activities, and ensuring operational continuity in the absence of senior management. Key Responsibilities Lead investigations into escalated security incidents, assessing attack vectors, scope … business impact. Correlate telemetry across SIEM, EDR, network, and cloud data sources to form complete incident narratives. Direct containment, eradication, and recovery actions in partnership with IT/OT stakeholders. Own medium‐ and high‐severity incident response activities, producing detailed investigation documentation. Tune and optimise detection content ...

platforms. The SOC Shift Lead will take ownership of security operations during assigned shifts, acting as the senior escalation point for complex incidents, leading response activities, and ensuring effective coordination across teams. This role also carries leadership responsibility, including oversight of analysts and accountability in the absence of senior … Clear progression within a specialist cyber security function What You Need To succeed in this role, candidates should demonstrate: 710 years experience in SOC, incident response, or threat analysis Strong leadership capability, with experience mentoring or guiding analysts Proven experience acting as an escalation point for high-severity ...