1 to 25 of 302 Permanent Incident Response Jobs in the UK excluding London

Dublin, Ireland. Learn more at experianplc.com. Internal Grade E Job Description As a Cyber Defence Analyst, you will join the Cyber Fusion Center, performing in-depth analysis, assessment, and response to security threats by following documented policies to meet Service Level Goals. The team provides global 24x7 security operations and monitoring for cybersecurity events affecting Experian. You will be … a part of the first line of defence in Experian's broader incident response and incident management departments, responsible for receiving and prioritizing cybersecurity alerts, including being the dedicated contact for potential security incidents reported by users (e.g., Experian employees). Depending on the results of assessment, this team is then responsible for investigating, containing, eradicating, and … recovering from events falling in its scope or escalating higher-risk events to dedicated incident response and management teams in the CFC. This role is critical in ensuring the handling of potential threats and plays a part in improving security operations. This is a home based role reporting to the Director of Security Operations for SecOps & Threat Detection. More ❯

a global basis, the resilience of operations has become a board level issue. You will provide our clients with a full spectrum of services, covering proactive and reactive Cyber Incident Response (CIR) Services. The proactive arm of our business covers a breadth of propositions, including playbook development, wargaming, readiness assessments, post-breach assessments, managed threat hunting as well … as implementing response automation technologies. Our specialists work with clients to uplift their maturity and fundamentally enhance their preparedness to respond, via targeted capability uplift, C-Suite awareness campaigns and training. Our technical response team support our clients in live incident responses by working to identify root causes and evict threats. Our professionals apply their experience and … award-winning vendor relationships, we can do whatever it takes - from improving the security of a single component to delivering a holistic security and privacy program. As a Cyber Incident Response Advisory and Incident Management Senior Manager or Associate Director, you will focus on developing our business across both proactive and reactive services, whilst leading our advisory More ❯

a global basis, the resilience of operations has become a board level issue. You will provide our clients with a full spectrum of services, covering proactive and reactive Cyber Incident Response (CIR) Services. The proactive arm of our business covers a breadth of propositions, including playbook development, wargaming, readiness assessments, post-breach assessments, managed threat hunting as well … as implementing response automation technologies. Our specialists work with clients to uplift their maturity and fundamentally enhance their preparedness to respond, via targeted capability uplift, C-Suite awareness campaigns and training. Our technical response team support our clients in live incident responses by working to identify root causes and evict threats. Our professionals apply their experience and … award-winning vendor relationships, we can do whatever it takes - from improving the security of a single component to delivering a holistic security and privacy program. As a Cyber Incident Response Advisory and Incident Management Senior Manager or Associate Director, you will focus on developing our business across both proactive and reactive services, whilst leading our advisory More ❯

Lead Incident Response Manager - Build It, Lead It, Own It £125,000 + bonus | Hybrid (Manchester-based) | Clear path to Technical Director When a cyber incident hits, you are the calm in the chaos. You take control, make the decisions, and guide clients through the storm. This is your opportunity to lead a fast-growing Incident Response function within a rapidly expanding UK cyber practice that is winning major contracts and investing heavily in its capability. You will have the freedom to build the function your way, lead high-impact response work, and progress to Technical Director of Cyber within 12 to 18 months. Why This Role Stands Out Lead the full incident response lifecycle from triage and containment to negotiation and recovery Work directly with senior stakeholders and executive teams, trusted as the safe pair of hands when it matters most Join a cyber business that is scaling quickly and building one of the strongest response teams in the UK Full autonomy to shape the team, tooling, and playbooks More ❯

A global IT MSP is looking for an experienced SOC Incident Response & Threat Hunting Manager to join its expanding Security Operations Centre. This is a pivotal leadership role, overseeing Tier 3 Security and Incident Response Analysts while driving proactive threat hunting and cyber threat intelligence initiatives. This hands-on position combines technical depth, strategic leadership, and … a forward-thinking approach to cybersecurity. The successful candidate will lead advanced incident response activities, mentor a high-performing team, and shape the strategic direction of cyber defence capabilities across a diverse customer base. On offer Salary - Competitive depending upon experience Company Bonus Scheme Comprehensive Benefits Pack 10% Company Pension £6k Vehicle allowance Excellent skill up and career … progression Flexible working from Day 1 Plus more Skills & Experience Proven experience leading incident response and threat hunting teams within a SOC or similar environment. Deep technical expertise in Digital Forensics and Incident Response (DFIR), with strong analytical and problem-solving skills. Skilled at translating complex technical findings into clear, actionable insights for technical and non More ❯

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization s global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed More ❯

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization’s global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed More ❯

Senior Detection & Response Engineer Cambridgeshire Based - 1-2 days a week on site We are looking for a highly experienced Senior Detection & Response Engineer to join our client's growing security team. In this critical role, you'll be instrumental in developing a best-in-class incident response function, leading investigations into complex security events, and … building scalable detection and response capabilities across the organisation. This is an exciting opportunity to work at the heart of a modern security operation - building the tools, automation, and processes that enable the business to detect, respond to, and learn from security threats effectively. What You'll Be Doing: Investigate and respond to security events with clarity and precision … triage, analyse, and manage incidents from end to end Develop and improve detection and response processes, technologies, and work flows Design and implement tools to collect and analyse security telemetry from cloud environments Automate security workflows to enhance detection accuracy and reduce response time Build and fine-tune detection rules to focus efforts on high-fidelity alerts Create More ❯

Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point of application. Accenture is a leading global professional services company … of our global team, you'll be working with cutting-edge technologies and will have the opportunity to develop a wide range of new skills. At Accenture, our global Incident Response team takes on some of the hardest and most meaningful challenges in cyber security. When major organisations are breached, when ransomware hits the headlines, when espionage or … problems under pressure, thrive on collaboration, and want to work with the best in the industry. Who We Are We’re a globally distributed team of nearly 200 dedicated incident responders, forensics specialists, and crisis managers spread across more than 25 countries. Every day, we work across time zones, cultures, and languages to protect clients that range from household More ❯

role, you will: Act as the primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior … and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments … upgrades, and automation workflows, ensuring systems remain secure by design. Maintain and improve Standard Operating Procedures (SOPs) for security operations, ensuring knowledge is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and More ❯

opportunity to grow and learn with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients, look no further. We are … with an inquisitive nature, keen attention to detail, and a strong background in cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: Detection engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection … in detection coverage, log ingestion and alerting based on business risks and threats Review and improve existing SecOps standards and capabilities e.g. by highlighting requirements for additional logging, identifying incident or threat trends and detection and business-as-usual optimisation opportunities Perform security monitoring, reviewing and triaging triggered alerts, and suggesting improvements (on a rota basis 9AM to More ❯

Job Title: SOC Incident Response & Threat Hunting Manager Location: Warrington, UK (Travel may be required) Flexible Working: "Work Your Way" available from day one Im working with a gold-standard IT Managed Service Provider renowned for delivering secure, enterprise-grade solutions across cloud, infrastructure, and cyber domains. Theyre expanding their Security Operations Centre and hiring a hands-on … SOC Incident Response & Threat Hunting Manager to lead Tier 3 analysts and drive proactive defence strategies. This is a strategic and technical leadership role, ideal for someone with deep DFIR expertise, strong mentoring capabilities, and a passion for threat hunting and CTI development. Key Responsibilities: Lead and coordinate high-severity incident response engagements Provide technical oversight More ❯

the US, is undergoing a major transformation to build a Group Shared Services model. As part of this evolution, they’re seeking a proactive and technically skilled Security Operations & Incident Response Lead to elevate their security posture across diverse business models, including franchisee and third-party environments. Responsibilities: Lead Incident Response across the organization, coordinating investigations … to drive security improvements. Contribute to the development of security programs and frameworks. Provide technical leadership in Microsoft-centric environments (Defender, Sentinel, Azure 365). Requirements: Proven experience in incident response and vulnerability management. Strong proficiency in Microsoft Defender, Sentinel, Azure 365, Tenable, Nessus. Ability to analyze and remediate security threats across distributed environments. Excellent communication skills for More ❯

underwriters and capacity providers. We are seeking a conscientious and hardworking claims professional with experience in cyber and technology claims. This role will work with the CFC Claims and Incident Response team, along with a number of incident response vendors including forensic, legal, and PR ensure that CFC delivers a cost effective, but high quality response … being subject to all relevant legal and statutory (FCA and Lloyd's) requirements and obligations. About the Role: The Cyber Claims Adjuster will work closely with CFC's internal Incident Response Team to guide clients and triage incidents with the appropriate external response partners to deliver high quality response to cyber incidents. Proactively handle cyber and … within the scope of CFC's delegated authorities. Foster good relationships with policyholders, brokers, underwriters and capacity providers, and drive excellent customer service. Actively work with a panel of response vendors during claims incidents. Ensure that there is prompt and accurate reserving, identifying and pursuing relevant third party recoveries and seeking to reduce claims leakage. Working closely with underwriters More ❯

Cyber outsourcing and managed services to customers across enterprise, public sector and fast growing scale ups. Its Security Practice protects clients through a powerful mix of Managed Detection and Response (MDR), Threat Hunting, Vulnerability Management, Penetration Testing and Incident Response, supported by a world class Security Advisory function. As a Senior SOC Analyst, you will take a … role in identifying, investigating and responding to cyber threats across varied client environments. You will mentor junior analysts, lead complex incidents and help evolve the SOC’s detection and response capabilities. This is an opportunity to make a genuine impact, with the freedom to innovate and the support to grow into roles such as SOC Lead, Threat Hunter, Security … Engineer or Incident Responder. Why This Role Stands Out Join a $1B global IT and Cyber Defence provider that invests heavily in people and technology Work with cutting edge platforms such as Microsoft Sentinel, Defender, Elastic and Palo Alto Be part of a collaborative culture that values curiosity and continuous learning Clear progression into leadership or specialist technical roles More ❯

Head of IT Security Incident and Threat Management – Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company’s digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Please note this role requires you to be on site for the first 3 months full time, there is a hybrid arrangement More ❯

Head of IT Security Incident and Threat Management - Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company's digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Please note this role is based on site for the first 3 months followed by a hybrid working arrangement. Key Responsibilities Develop More ❯

escalation role within a dedicated Security Operations Centre, working at the forefront of protecting high-value national assets. The successful candidate will act as a technical authority for advanced incident response, threat hunting, and security engineering, with a strong focus on the Microsoft security stack. Key Responsibilities Serve as the primary escalation point for complex incidents and lead … on incident response. Conduct in-depth threat hunting, forensic investigations, and root cause analysis. Develop, test, and optimise detection use cases, rules, and playbooks within Microsoft Sentinel and Defender. Provide mentorship and guidance to junior SOC analysts, enhancing team capability. Collaborate with IT and OT teams to address unique security requirements across CNI environments. Drive improvements in SOC operations … automation, and incident response processes. Monitor evolving threats and integrate threat intelligence into daily operations. Ensure adherence to industry standards and compliance frameworks (NIS2, CAF, ISO 27001). Skills & Experience Required Extensive background in SOC operations, incident response, and threat hunting. Expertise with the Microsoft security stack, including: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender for More ❯

and maintaining support contracts to ensure system health and compliance. Cybersecurity and risk management: The role will involve supporting the adoption and management of cyber security frameworks, participating in incident response and disaster recovery planning and testing, implementing controls to maintain cyber security accreditation, and protecting the firm from cyber threats through policies, audits, training, and threat assessment. … IT technical operations are underpinned by best practice, complete and up-to date-documentation, refined processes and defined procedures, underpinned by proactive monitoring and review. • To help manage an Incident Response Plan and form part of the Incident Response Team as threats or incidents occur. • To work with the Executive, Legal Operations and Business Services teams More ❯

SOC Manager £75,000 - £85,000 + 15% bonus + £6k car allowance Warrington – Remote-first A leading global technology organisation is seeking a SOC Response & Threat Manager to lead their elite Tier 3 security team. As a SOC Response & Threat Manager, you will take ownership of complex security incidents, lead high-performing analysts, and shape the Cyber … Threat Intelligence capability. Working hands-on with cutting-edge tools, you'll orchestrate critical incidents while hunting sophisticated threat actors across enterprise environments. Key Experience: • Proven experience leading incident response operations and managing security analysts. • Deep expertise in digital forensics and incident response (DFIR). • Strong knowledge of threat hunting methodologies and adversary tactics. • Ability to … bonus + £6k car allowance • Generous pension with double-matched contributions • 25 days holiday plus bank holidays • Private medical insurance and flexible benefits To hear more about the SOC Incident Response & Threat Hunting Manager opportunity, get in touch with Connor Smyth at Anson McCade on 020 7780 6706. More ❯

will be responsible for safeguarding the organisation's Operational Technology (OT) environments from cyber threats. This role involves implementing OT security measures, monitoring the OT network for threats, leading incident response efforts, validating security controls, and ensuring the resilience of OT systems. What you'll be doing: Implement and manage OT security controls, measures, and technologies to protect … critical assets and systems. Conduct risk assessments, vulnerability management, and security testing. Develop and implement incident response plans and ensure compliance with regulations. Conduct proactive threat hunting and reactive incident response. Provide regular reports on security status, including incidents, vulnerabilities, and overall health of OT systems. Collaborate with cross-functional teams, including network engineers, system administrators, and … external cybersecurity teams. What you'll need: At least 3 years of experience in OT security engineering, incident response, or a related field. Ability to manage multiple assessments and projects simultaneously. Strong understanding of industrial control systems (ICS) and SCADA systems. Strong problem-solving skills and attention to detail. Proven experience with OT and IT security technologies, including More ❯

lead and develop a team of security professionals, oversee the delivery and ongoing management of our security infrastructure, and act as the go-to technical expert in threat detection, incident response, and vulnerability management. Were looking for someone with strong leadership skills, a deep knowledge of the cyber security landscape, and a real passion for safeguarding digital assets. … and Data, helping to build strong cyber security awareness. Oversee day-to-day security operations, using tools like MDR, SIEM, endpoint protection, and firewalls to keep us protected. Lead incident response, creating and maintaining playbooks and ensuring quick, effective action during any breaches. Stay ahead of threats by managing vulnerabilities, coordinating penetration tests, applying patches, and analysing threat … record of leading and mentoring a team. Extensive experience with security technologies such as SIEM, firewalls, intrusion detection/prevention systems, and vulnerability scanning tools. In-depth knowledge of incident response procedures, threat hunting, and forensic investigation techniques. Strong understanding of networking protocols, operating systems, and cloud security principles. Qualifications Bachelor's degree in Computer Science, Information Security More ❯

Senior Incident Responder £71000 GBP Onsite WORKING Location: Birmingham, West Midlands - United Kingdom Type: Permanent Senior Incident Responder - SOC Analyst (L3) Birmingham or Glasgow | Up to £71,000 + Bonus + Benefits | Hybrid | SC Clearance Required or Eligible Our client - a global technology and services firm - is expanding its Managed Security Operations Centre and seeking a Senior Incident … the sharp end of cybersecurity operations, working on major incidents across enterprise environments, guiding L1/L2 analysts, and collaborating with client stakeholders to deliver best-in-class detection, response, and remediation. The Role You'll take ownership of escalated incidents, conduct detailed investigations, and ensure effective containment and eradication of threats. You'll act as the escalation point … within the SOC, providing technical expertise, mentoring junior analysts, and driving continuous improvement of incident response processes. Key Responsibilities: Lead complex investigations into security incidents and breaches. Perform root cause analysis and provide actionable recommendations. Conduct static and dynamic malware analysis; reverse engineer to identify IOCs. Monitor, tune, and optimise SIEM tools - particularly IBM QRadar , Splunk, and Microsoft More ❯

role, requiring collaboration across IT, legal, procurement, and operational teams. You will act as the primary point of contact for all matters related to information assurance, supplier security assurance, incident response, and regulatory compliance. Scope IT Security Operations Collaborate closely with IT SecOps team members to ensure security controls remain effective. Where gaps are identified, implement appropriate mitigation … measures and lead the response to security incidents in a timely and coordinated manner. Compliance & Security Coordinate ISO 27001 certification audits and maintain ongoing compliance on behalf of the IT & Digital function. Actively support and contribute to health and safety, environmental sustainability, business continuity, and information security initiatives, ensuring we meet our obligations to customers and regulatory standards Delivery … and supports business objectives. Risk Management: Identify, evaluate, and mitigate information security risks across systems, suppliers, and processes. Maintain visibility over key cyber risks and report to senior leadership. Incident Response: Lead the response to security incidents, including forensic analysis, reporting, and remediation. Coordinate with law enforcement and external partners where necessary. Supplier Assurance: Conduct security reviews More ❯

hybrid, and on-premises environments, identifying vulnerabilities and improvement areas. Provide guidance on compliance and frameworks such as ISO 27001, Cyber Assessment Framework (CAF), and Cyber Essentials. Contribute to incident readiness and response as part of the Cyber Security Incident Response Team (CSIRT). Actively contribute to the internal growth and knowledge-sharing within the wider … management, and compliance. Excellent communication and stakeholder engagement skills, with the ability to influence at board level. Hands-on experience with cloud and hybrid architectures, audits, and security assessments. Incident response and crisis management experience is a plus. Holding CISSP/CISM ISO27001 Lead implementer If you’re looking for a role where you can combine strategic influence More ❯