1 to 25 of 191 Remote/Hybrid Permanent Incident Response Jobs

Senior Security Engineer – Detection & Response – EU/UK Remote, UK We are seeking a UK-based Senior Security Engineer to join our Security Operations and Response Team as a senior individual contributor. In this role, you will investigate and respond to security incidents across Marqeta’s environment, proactively … monitor for cyber threats, and serve as incident commander during security events of varying severity. You will contribute to the development and improvement of response methodologies aligned with the NIST Incident Response Lifecycle and help maintain cybersecurity incident response documentation. This position requires strong ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

Information Security Incident Manager Location: Leeds (Hybrid – 2 days per week on site). Contract: Permanent, Full Time. Salary: £70,000 - £80,000 (DOE). Job Overview The Information Security Incident Manager will lead the organisation’s response to cyber security incidents, strengthening overall resilience. The role … commands major cyber incidents, coordinating technical and business teams, ensuring effective governance, preparedness, and regulatory compliance. Responsibilities Lead the organisation’s cyber incident response, coordinating technical, operational, and business activities from containment to recovery. Act as Cyber Incident Commander for major incidents, setting priorities, directing response ...

Senior Cyber Security Analyst to help strengthen its security posture and safeguard critical systems. This is an excellent opportunity for someone passionate about incident response and proactive threat management within a dynamic, fast-paced environment. The ideal candidate will have a positive go-getter attitude, and will have … experience of incident response, using MS security tools and ideally an understanding of Tanium. Key Responsibilities Working with the Head of Information Security to mature the incident response capability Using your understanding of the contemporary threat environment to assist with your vulnerability investigations and response ...

Senior Consultant | Cybersecurity - Incident Response | Forensic & Litigation Consulting FTI Consulting is the leading global expert firm for organizations facing crisis and transformation. We work with many of the world’s top multinational corporations, law firms, banks and private equity firms on their most important issues to deliver impact … order to assimilate client needs and design appropriate technical solutions. Lead assessment of current threat identification techniques and development of new methodologies and frameworks. Incident analysis, combining sound analytical skills with advanced knowledge of cybersecurity, digital forensics and incident response. Assess client cybersecurity postures against industry‐standard best ...

cyber security challenges, and wants to make a real impact within a large-scale enterprise environment. Key Responsibilities Lead and coordinate cyber operations and incident response activities across the organisation. Support the enhancement of cyber containment and response capabilities. Manage and respond to complex cyber security incidents … governance, and security control initiatives. Skills & Experience Required To be successful in this role, you should have: Strong hands-on experience in Cyber Security Incident Response or Cyber Operations. Deep technical expertise in one or more incident response related domains, including: SOC Operations Malware Analysis Endpoint ...

solving complex security challenges across modern cloud and enterprise environments.You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function.The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

solving complex security challenges across modern cloud and enterprise environments.You’ll play a key role in strengthening detection capabilities, improving visibility across systems, enhancing incident response processes, and driving automation initiatives within a mature but evolving cyber function.The role offers broad exposure across security engineering, detection engineering, cloud … security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted ...

tier global consulting firm with one of the UK's largest and most respected cyber practices, housing over 200 specialists. Their Cyber Incident Response team is on the front line, helping organisations prepare for, respond to, and recover from the threats that keep boards awake at night. They … roles require at least eligibility for UK Security Check (SC) clearance. Existing clearance is highly advantageous. What You'll Do Lead and execute live incident response investigations, from forensic acquisition and root cause analysis to threat containment and eviction. Perform host-based and network forensics across Windows, Linux ...

supportive and collaborative environment with ongoing opportunities to develop your technical expertise and progress your career within cyber security. Key Responsibilities Security Monitoring & Incident Response Monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos Antivirus. Investigate cyber security incidents … including malware infections, phishing attacks, identity compromise, and unauthorised access attempts. Conduct incident triage, root cause analysis, containment, remediation, and recovery activities. Lead or support incident response activities in line with internal procedures and security standards. Escalate major incidents appropriately and provide timely updates to stakeholders. Threat ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

environment and you will have on-going opportunities to develop your technical skills and grow within cyber security What you will do: Security Monitoring & Incident Response Actively monitor alerts and telemetry across endpoints, identities, email, and cloud services using Rapid7 SIEM, Microsoft Defender, and Sophos AV. Investigate suspected … malware infections, phishing campaigns, identity compromise, and unauthorised access attempts. Perform triage, root cause analysis, containment, and remediation of security incidents. Lead or support incident response activities in line with internal policies and procedures. Escalate significant incidents appropriately and provide clear, timely updates to stakeholders. Threat Detection & Prevention ...

years of experience assessing and developing cybersecurity solutions and programs across security domains. Experience in one or more of the following information security domains: incident response, security operations, detection engineering, threat intelligence, threat modeling, cloud security, enterprise architecture. Experience with common security controls and standards. Experience communicating technical … managing the risks for their security program. Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned ...

integrated into business unit initiatives, motivating business units to adopt efficient security controls throughout their lifecycle. Oversight of R&B’s and Corporate platforms response to Incident, integrating cyber incident response policies with business operations to improve agility and effectiveness in cyber incident management. Work … internal business units to enhance cyber security communication, including knowledge of threats, vulnerabilities, and mitigation strategies. Provide strategic insights to senior management on cyber incident response readiness and effectiveness. Collaborate with security leadership to enforce cyber security policies and practices, addressing operations and incident response. Provide expertise ...

fully remote and allows you to work from anywhere within Northern Ireland. How you’ll make an impact Lead improvements in detection and response capabilities, continuously optimizing monitoring, alerting, and incident response processes. Mentor junior and mid‐level engineers, setting a high standard in security practices … decisions. Lead automation and process optimization efforts by developing scripts and tools to automate repetitive security tasks as well as to enhance detection and response capabilities through the use of automation and integration of security tools. What will set you up for success Bachelor's degree in Computer Science ...

intelligence products with internal and external stakeholders and use this intelligence to support vulnerability management and threat hunting activities. Additionally, you will contribute to incident response processes and provide support to colleagues responsible for the IPOs protection, detection, and response capabilities. If you have strong relevant expertise … best practice guidance. Metrics & Reporting Develop and maintain actionable metrics that demonstrate the effectiveness of the organisations vulnerability management and threat intelligence capabilities. Incident Response Support Contribute to and enhance our incident response processes, representing Cyber Security in operational incident calls, keeping stakeholders informed ...

into change initiatives, and security by design principles are applied. Provide 3rd line support to the IT service desk, responding to support requests and incident tickets which have been triaged and escalated to the cybersecurity operations team, and provide out of hours support through participation in an on-call … threat hunting, analysing logs and event data across the firms' systems, and procuring threat intelligence to inform the hunts. Provide technical leadership during security incident response, from identification through to containment, eradication, recovery and post incident review, reporting and recommendations; liaising with external IR providers as required. ...

play a key role in ensuring our systems and processes align with ISO 27001 and SOC 2 requirements, contributing to risk assessments, and supporting incident response activities. Working closely with product and engineering teams, you’ll help embed security into the design of our Microsoft Word … threat modelling, define non-functional security requirements, and review designs for security impact. Guide security considerations in our AI/LLM-enabled products. Risk & Incident Management Own the company-wide incident response plan and lead tabletop exercises. Perform ongoing risk assessments, vendor security reviews, and DPIAs. Ensure ...