1 to 25 of 36 Permanent Incident Response Jobs in the West Midlands

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization s global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed More ❯

Head of IT Security Incident and Threat Management Package to £117k DOE + 15% Bonus + Benefits Based Birmingham This is an exciting opportunity to take a strategic leadership role at the forefront of cybersecurity. As Head of IT Security Incident and Threat Management, you will shape and lead the organization’s global response to cyber threats … ensuring they stay one step ahead of emerging risks. You will have the scope to define and deliver a world-class threat intelligence and incident response strategy, working with innovative cutting-edge tools, partners, and experts. The successful candidate will lead and develop a talented in-house team, while managing the external Security Operations Centre (SOC) to ensure … proactive defence and rapid response to incidents. Key Responsibilities Develop and execute incident response and threat management strategies. Lead investigations, resolution, and post-incident analysis of security incidents. Oversee and mentor a team of three direct reports, ensuring their growth and performance. Conduct security audits and vulnerability assessments to strengthen defences. Collaborate across departments to embed More ❯

Job Title: SOC Incident Response & Threat Hunting Manager Location: Warrington, UK (Travel may be required) Flexible Working: "Work Your Way" available from day one Im working with a gold-standard IT Managed Service Provider renowned for delivering secure, enterprise-grade solutions across cloud, infrastructure, and cyber domains. Theyre expanding their Security Operations Centre and hiring a hands-on … SOC Incident Response & Threat Hunting Manager to lead Tier 3 analysts and drive proactive defence strategies. This is a strategic and technical leadership role, ideal for someone with deep DFIR expertise, strong mentoring capabilities, and a passion for threat hunting and CTI development. Key Responsibilities: Lead and coordinate high-severity incident response engagements Provide technical oversight More ❯

Head of IT Security Incident and Threat Management – Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company’s digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Please note this role requires you to be on site for the first 3 months full time, there is a hybrid arrangement More ❯

Head of IT Security Incident and Threat Management – Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company’s digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Please note this role requires you to be on site for the first 3 months full time, there is a hybrid arrangement More ❯

Head of IT Security Incident and Threat Management - Solihull Crimson and IMI have joined forces to build IMI's new security team, and we are looking for talented individuals to join us on this exciting journey. If you are passionate about IT security and want to be part of a dynamic team that is shaping the future of security … within a successful global company, we want to hear from you! We are seeking a highly skilled and experienced Head of IT Security Incident and Threat Management to join our team. In this role, you will be responsible for leading the strategic efforts to safeguard the company's digital assets against potential threats and incidents. This role requires a … seasoned professional with a deep understanding of cybersecurity, incident response an threat management within a FTSE 100 environment. The salary on offer for this position is between £90,000 and £110,000 per annum plus benefits. Please note this role is based on site for the first 3 months followed by a hybrid working arrangement. Key Responsibilities Develop More ❯

and maintaining support contracts to ensure system health and compliance. Cybersecurity and risk management: The role will involve supporting the adoption and management of cyber security frameworks, participating in incident response and disaster recovery planning and testing, implementing controls to maintain cyber security accreditation, and protecting the firm from cyber threats through policies, audits, training, and threat assessment. … IT technical operations are underpinned by best practice, complete and up-to date-documentation, refined processes and defined procedures, underpinned by proactive monitoring and review. • To help manage an Incident Response Plan and form part of the Incident Response Team as threats or incidents occur. • To work with the Executive, Legal Operations and Business Services teams More ❯

and maintaining support contracts to ensure system health and compliance. Cybersecurity and risk management: The role will involve supporting the adoption and management of cyber security frameworks, participating in incident response and disaster recovery planning and testing, implementing controls to maintain cyber security accreditation, and protecting the firm from cyber threats through policies, audits, training, and threat assessment. … IT technical operations are underpinned by best practice, complete and up-to date-documentation, refined processes and defined procedures, underpinned by proactive monitoring and review. • To help manage an Incident Response Plan and form part of the Incident Response Team as threats or incidents occur. • To work with the Executive, Legal Operations and Business Services teams More ❯

Senior Incident Responder £71000 GBP Onsite WORKING Location: Birmingham, West Midlands - United Kingdom Type: Permanent Senior Incident Responder - SOC Analyst (L3) Birmingham or Glasgow | Up to £71,000 + Bonus + Benefits | Hybrid | SC Clearance Required or Eligible Our client - a global technology and services firm - is expanding its Managed Security Operations Centre and seeking a Senior Incident … the sharp end of cybersecurity operations, working on major incidents across enterprise environments, guiding L1/L2 analysts, and collaborating with client stakeholders to deliver best-in-class detection, response, and remediation. The Role You'll take ownership of escalated incidents, conduct detailed investigations, and ensure effective containment and eradication of threats. You'll act as the escalation point … within the SOC, providing technical expertise, mentoring junior analysts, and driving continuous improvement of incident response processes. Key Responsibilities: Lead complex investigations into security incidents and breaches. Perform root cause analysis and provide actionable recommendations. Conduct static and dynamic malware analysis; reverse engineer to identify IOCs. Monitor, tune, and optimise SIEM tools - particularly IBM QRadar , Splunk, and Microsoft More ❯

Senior Incident Responder – SOC Analyst (L3) Birmingham or Glasgow | Up to £71,000 + Bonus + Benefits | Hybrid | SC Clearance Required or Eligible Our client – a global technology and services firm – is expanding its Managed Security Operations Centre and seeking a Senior Incident Responder (L3 SOC Analyst) to take the lead on complex security incidents, investigations, and threat … the sharp end of cybersecurity operations, working on major incidents across enterprise environments, guiding L1/L2 analysts, and collaborating with client stakeholders to deliver best-in-class detection, response, and remediation. The Role You’ll take ownership of escalated incidents, conduct detailed investigations, and ensure effective containment and eradication of threats. You’ll act as the escalation point … within the SOC, providing technical expertise, mentoring junior analysts, and driving continuous improvement of incident response processes. Key Responsibilities: Lead complex investigations into security incidents and breaches. Perform root cause analysis and provide actionable recommendations. Conduct static and dynamic malware analysis; reverse engineer to identify IOCs. Monitor, tune, and optimise SIEM tools Develop and refine SOC use cases More ❯

e.g., firewalls, SIEM, IDS/IPS, endpoint protection) Oversee access controls and identity management systems Conduct penetration testing and routine vulnerability scans Monitor networks and systems for threats; lead incident response efforts Perform root cause analysis and maintain incident response protocols Recommend enhancements to improve overall security posture Deliver security awareness training and ensure compliance with … segmentation Knowledge of Zero Trust architecture and cloud-native security practices Proficiency in identity and access management (Azure AD, MFA, SSO, RBAC) Skilled in log analysis, threat detection, and incident handling Excellent communication and stakeholder engagement abilities Certifications such as CEH, OSCP, CISSP, Security+, or GSEC are advantageous Salary/Package Basic salary of between £50k-£55k 4% Pension More ❯

e.g., firewalls, SIEM, IDS/IPS, endpoint protection) Oversee access controls and identity management systems Conduct penetration testing and routine vulnerability scans Monitor networks and systems for threats; lead incident response efforts Perform root cause analysis and maintain incident response protocols Recommend enhancements to improve overall security posture Deliver security awareness training and ensure compliance with … segmentation Knowledge of Zero Trust architecture and cloud-native security practices Proficiency in identity and access management (Azure AD, MFA, SSO, RBAC) Skilled in log analysis, threat detection, and incident handling Excellent communication and stakeholder engagement abilities Certifications such as CEH, OSCP, CISSP, Security+, or GSEC are advantageous Benefits: 4% Pension Life Insurance 3 x salary 25 days annual More ❯

e.g., firewalls, SIEM, IDS/IPS, endpoint protection) Oversee access controls and identity management systems Conduct penetration testing and routine vulnerability scans Monitor networks and systems for threats; lead incident response efforts Perform root cause analysis and maintain incident response protocols Recommend enhancements to improve overall security posture Deliver security awareness training and ensure compliance with … segmentation Knowledge of Zero Trust architecture and cloud-native security practices Proficiency in identity and access management (Azure AD, MFA, SSO, RBAC) Skilled in log analysis, threat detection, and incident handling Excellent communication and stakeholder engagement abilities Certifications such as CEH, OSCP, CISSP, Security+, or GSEC are advantageous Benefits: 4% Pension Life Insurance 3 x salary 25 days annual More ❯

on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into … scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM More ❯

on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into … scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM More ❯

support cyber-recovery solutions across large-scale PowerScale platforms Lead data integration and migration initiatives, ensuring seamless synchronisation across enterprise systems Conduct risk assessments , develop recovery strategies, and coordinate incident-response testing Collaborate with internal and client teams to drive best practice in data security, recovery, and optimisation Troubleshoot complex issues and provide technical documentation, knowledge sharing, and … training 🧠 Skills & Experience Proven experience with PowerScale/Isilon and enterprise-grade storage technologies Strong understanding of cyber-security frameworks , incident response, and data-recovery methodologies Hands-on experience with data migration, scripting (PowerShell, Python) , and automation tools Excellent communication and problem-solving skills Certifications such as EMC Proven Professional, CISSP, CISM are a plus More ❯

term basis. The primary mandate is to conduct a rapid, high-impact review and uplift of critical security governance functions, focusing specifically on asset management, third-party assurance, and incident preparedness. Key Responsibilities and Deliverables: The successful candidate will be a hands-on leader responsible for the following key reviews: 1. Group Information Asset Register (IAR) Review Audit and … diligence and ongoing monitoring. Define a tiered, risk-based methodology for assurance reviews, ensuring the rigor of the review matches the vendor's inherent risk to the organization. 3. Incident Response and Recovery Plan (IRRP) Validation Critically Review the current IRRP for clarity, compliance, and integration with broader Business Continuity (BC) plans. Coordinate and Lead scenario-based tabletop … Security, with significant time in a senior leadership or CISO/Interim CISO role. Demonstrable expertise in Information Asset Management, Third-Party Risk Management (TPRM), and leading high-stakes Incident Response efforts. Deep practical knowledge of GRC frameworks (e.g., NIST CSF, ISO 27001). Exceptional ability to communicate complex risks and solutions clearly to executive and board-level More ❯

term basis. The primary mandate is to conduct a rapid, high-impact review and uplift of critical security governance functions, focusing specifically on asset management, third-party assurance, and incident preparedness. Key Responsibilities and Deliverables: The successful candidate will be a hands-on leader responsible for the following key reviews: 1. Group Information Asset Register (IAR) Review Audit and … diligence and ongoing monitoring. Define a tiered, risk-based methodology for assurance reviews, ensuring the rigor of the review matches the vendor's inherent risk to the organization. 3. Incident Response and Recovery Plan (IRRP) Validation Critically Review the current IRRP for clarity, compliance, and integration with broader Business Continuity (BC) plans. Coordinate and Lead scenario-based tabletop … Security, with significant time in a senior leadership or CISO/Interim CISO role. Demonstrable expertise in Information Asset Management, Third-Party Risk Management (TPRM), and leading high-stakes Incident Response efforts. Deep practical knowledge of GRC frameworks (e.g., NIST CSF, ISO 27001). Exceptional ability to communicate complex risks and solutions clearly to executive and board-level More ❯

term basis. The primary mandate is to conduct a rapid, high-impact review and uplift of critical security governance functions, focusing specifically on asset management, third-party assurance, and incident preparedness. Is this your next job Read the full description below to find out, and do not hesitate to make an application. Key Responsibilities and Deliverables: The successful candidate … diligence and ongoing monitoring. Define a tiered, risk-based methodology for assurance reviews, ensuring the rigor of the review matches the vendor's inherent risk to the organization. 3. Incident Response and Recovery Plan (IRRP) Validation Critically Review the current IRRP for clarity, compliance, and integration with broader Business Continuity (BC) plans. Coordinate and Lead scenario-based tabletop … Security, with significant time in a senior leadership or CISO/Interim CISO role. Demonstrable expertise in Information Asset Management, Third-Party Risk Management (TPRM), and leading high-stakes Incident Response efforts. Deep practical knowledge of GRC frameworks (e.g., NIST CSF, ISO 27001). Exceptional ability to communicate complex risks and solutions clearly to executive and board-level More ❯

on expertise across critical systems. Information Security Manager: Duties Experience of business acquisitions - Highly desirable Develop/Maintain enterprise InfoSec strategy aligned business goals Oversee security architecture, vulnerability management, incident response and threat intelligence Lead security risk assessments and manage remediation plans for gaps Financial regulation compliance - GDRP, PCI DSS, SOX, FCA Establish security policies, standards & procedures Repost More ❯

practices into development and project delivery processes collaborate with IT, development, and project teams to ensure a consistent and pragmatic security approach contribute to business continuity, disaster recovery, and incident response planning communicate complex security concepts clearly to both technical and non-technical stakeholders partner with auditors, vendors, and external security service providers What we’re looking for More ❯

in offensive cybersecurity (red teaming, use of tools like Metasploit, Nmap, etc.). Experience with physical security assessments aligned with NIS and NPSA standards. Expertise in Digital Forensics and Incident Response (DFIR) in industrial environments (e.g., VxWorks, RTOS, Embedded Linux, WinCC, PCS 7). Benefits: 28 days holiday plus bank holidays Flexible working, predominantly office based. Flexible Pension More ❯

proxy, CrowdStrike-equivalent tools Data management : Supporting data labelling & retention projects using Purview or similar Governance support : Involved in data loss prevention, labelling, and stakeholder engagement (including DPO) Practical incident response input : Advising IT on immediate steps during incidents, converting theory into quick, actionable responses Ongoing InfoSec operations : Metrics, monitoring, and security projects across applications and users Tech … tools you’ll use: Microsoft Purview – Data governance and policy enforcement Microsoft Defender – Endpoint & email protection CrowdStrike/equivalents – Endpoint detection & response Web proxy & email security tools Azure (beneficial) – IAM, monitoring, and security logging Why this role? Be central to shaping data governance and security operations in a dynamic SME environment Hands-on exposure to a wide range of More ❯

ISO 27001, IEC 62443, NIS-D/NIS-R. Desirable Skills: Hands-on experience with offensive security tools and red teaming in OT environments. Exposure to Digital Forensics and Incident Response (DFIR) within industrial networks. Experience working with Agile project tools such as JIRA, Confluence or Microsoft Planner. Main Benefits: Negotiable salary (enquire for details) 28 days holiday More ❯

Principles & Technologies. Experience of Security Related Technical Investigations Hands-On Technical Experience of Conducting Vulnerability Scanning & Evaluating Results Commercial Awareness & (Ideally) Experience of PCI DSS (Current Version) Experience with Incident Response Procedures & Investigations Strong Verbal & Written Communication Skills High Attention to Detail Strong Team Player Searches: Vulnerability Management Analyst/VM Analyst/Information Security Analyst/Information More ❯