1 to 25 of 86 Incident Response Jobs in Buckinghamshire

Digital Forensics & Incident Response Consultant Our client, a globally recognised consultancy with one of the most established and high-performing Cyber Incident Response teams in the UK, is looking to hire new incident response talent. As one of only 9 accredited Tier 1 responders … industries, work on some of the most significant incidents in the UK, and benefit from top-tier training and certifications. Key Responsibilities of an Incident Response Consultant: Lead and coordinate response efforts for high-impact cyber incidents Conduct forensic analysis of compromised systems, memory dumps, and network … data. Provide clients with actionable insights on emerging threats and attacker tactics. Collaborate directly with stakeholders during response and recovery engagements. Support pre-sales efforts by contributing to bids, proposals, and client pitches. Key requirements of an Incident Response Consultant: Proven hands-on experience managing and investigating More ❯

Digital Forensics & Incident Response Consultant Our client, a globally recognised consultancy with one of the most established and high-performing Cyber Incident Response teams in the UK, is looking to hire new incident response talent. As one of only 9 accredited Tier 1 responders … industries, work on some of the most significant incidents in the UK, and benefit from top-tier training and certifications. Key Responsibilities of an Incident Response Consultant: Lead and coordinate response efforts for high-impact cyber incidents Conduct forensic analysis of compromised systems, memory dumps, and network … data. Provide clients with actionable insights on emerging threats and attacker tactics. Collaborate directly with stakeholders during response and recovery engagements. Support pre-sales efforts by contributing to bids, proposals, and client pitches. Key requirements of an Incident Response Consultant: Proven hands-on experience managing and investigating More ❯

a continuous, living threat management system throughout the duration of the contract, rather than a single point-in-time assessment. We’re expanding our Incident Response team and looking for a Incident Response Analyst to join us in tackling some of the most challenging cybersecurity threats. … a critical role in reducing the impact of cyberattacks and enchanting our clients security posture to prevent future attacks. Key responsibilities include: Conducting initial incident assessments and contribute to Incident Response management. Participate in live Incident Response operations including digital forensics. Perform security assessments, threat … etc. Proficiency in log analysis of Networking, Windows, Mac and Linux and Cloud. Understanding of evidence collection process based on priority. Strong understanding of incident response following NIST 800-61 guidelines incorporating containment, eradication and recovery phases. Experience with digital forensics and investigations, including evidence collection and chain More ❯

a continuous, living threat management system throughout the duration of the contract, rather than a single point-in-time assessment. We’re expanding our Incident Response team and looking for a Incident Response Analyst to join us in tackling some of the most challenging cybersecurity threats. … a critical role in reducing the impact of cyberattacks and enchanting our clients security posture to prevent future attacks. Key responsibilities include: Conducting initial incident assessments and contribute to Incident Response management. Participate in live Incident Response operations including digital forensics. Perform security assessments, threat … etc. Proficiency in log analysis of Networking, Windows, Mac and Linux and Cloud. Understanding of evidence collection process based on priority. Strong understanding of incident response following NIST 800-61 guidelines incorporating containment, eradication and recovery phases. Experience with digital forensics and investigations, including evidence collection and chain More ❯

in a change-oriented environment, stay ahead of emerging threats through horizon scanning, and push for continuous improvement across key areas like vulnerability management, incident response, and SOC assurance. If you don't settle for second best and are passionate about embedding a culture of excellence and forward … updates to the Head of Information Security and Executive Security Steering Group. Drive Key Improvements: Lead strategic efforts to enhance vulnerability management confidence, improve incident response capability, and increase assurance around SOC operations. Change Leadership: Actively contribute to the implementation of the new Security TOM, championing change, innovation … ensure compliance with regulatory requirements and internal standards. Strategic Planning & Resilience: Support the long-term security strategy, while identifying opportunities to improve operational resilience. Incident Response Management: Own the security incident response process—ensuring quick, coordinated, and effective handling of events. Budget & Vendor Management: Contribute to More ❯

in a change-oriented environment, stay ahead of emerging threats through horizon scanning, and push for continuous improvement across key areas like vulnerability management, incident response, and SOC assurance. If you don't settle for second best and are passionate about embedding a culture of excellence and forward … updates to the Head of Information Security and Executive Security Steering Group. Drive Key Improvements: Lead strategic efforts to enhance vulnerability management confidence, improve incident response capability, and increase assurance around SOC operations. Change Leadership: Actively contribute to the implementation of the new Security TOM, championing change, innovation … ensure compliance with regulatory requirements and internal standards. Strategic Planning & Resilience: Support the long-term security strategy, while identifying opportunities to improve operational resilience. Incident Response Management: Own the security incident response process—ensuring quick, coordinated, and effective handling of events. Budget & Vendor Management: Contribute to More ❯

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology, we … position will require extensive and frequent travel to multiple locations and sometimes on short term notice. Reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will work as part of the Post Breach Remediation team and serve as the Incident Commander in all … VPNs, and group policies Liase with DFIR team and Sales to keep open communication regarding compromised client Assist DFIR team with additional workflow through incident response cases Communicate effectively with clients to understand their specific needs, provide updates on remediation progress, and offer guidance on enhancing their cybersecurity More ❯

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology, we … position will require extensive and frequent travel to multiple locations and sometimes on short term notice. Reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will work as part of the Post Breach Remediation team and serve as the Incident Commander in all … VPNs, and group policies Liase with DFIR team and Sales to keep open communication regarding compromised client Assist DFIR team with additional workflow through incident response cases Communicate effectively with clients to understand their specific needs, provide updates on remediation progress, and offer guidance on enhancing their cybersecurity More ❯

a pivotal role at the heart of a rapidly growing mobile-first payments solution organisation, where you can truly shape and affect how the incident response is delivered. You would be reporting to the Security Operations Lead (who reports to the Head of Security) and will be working … responsibilities You will be responsible for building the infrastructure of a new in-house SOC, all the way through to conducting precise and robust incident response against basic and advanced threat actors. You will be responsible for the automation workflow design and use case development. You will work … on the SIEM detection content development and false positive reduction. You will be in charge of robust and detailed incident response to threats, investigation, and triage of day-to-day security events. Key requirements Experience in deploying security related IaC projects at scale. Familiarity with SOAR and optimisation More ❯

a pivotal role at the heart of a rapidly growing mobile-first payments solution organisation, where you can truly shape and affect how the incident response is delivered. You would be reporting to the Security Operations Lead (who reports to the Head of Security) and will be working … responsibilities You will be responsible for building the infrastructure of a new in-house SOC, all the way through to conducting precise and robust incident response against basic and advanced threat actors. You will be responsible for the automation workflow design and use case development. You will work … on the SIEM detection content development and false positive reduction. You will be in charge of robust and detailed incident response to threats, investigation, and triage of day-to-day security events. Key requirements Experience in deploying security related IaC projects at scale. Familiarity with SOAR and optimisation More ❯

practices. Provide expert recommendations and solutions to mitigate identified vulnerabilities, enhancing client systems’ security postures. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate the impact of the incident. … Work with other teams, such as IT and security operations, to develop and implement a containment strategy. Analyse incident data to determine the root cause of the incident and identify recommendations for improvement. Document and report incidents to the incident response team and other relevant stakeholders. … testing findings, including risk levels, remediation steps, and strategic recommendations. EXPERIENCE: Minimum of 4+ years of experience in cybersecurity, specifically in penetration testing and Incident Response, vulnerability management, and risk assessment. Public Sector experience, ideally MOD, MOJ, Must be SC clearable. Proven hands-on experience with tools such More ❯

practices. Provide expert recommendations and solutions to mitigate identified vulnerabilities, enhancing client systems’ security postures. Investigate alerts and suspicious activity to determine if an incident has occurred. Contain affected systems and networks to prevent the incident from spreading. Implement temporary measures to mitigate the impact of the incident. … Work with other teams, such as IT and security operations, to develop and implement a containment strategy. Analyse incident data to determine the root cause of the incident and identify recommendations for improvement. Document and report incidents to the incident response team and other relevant stakeholders. … testing findings, including risk levels, remediation steps, and strategic recommendations. EXPERIENCE: Minimum of 4+ years of experience in cybersecurity, specifically in penetration testing and Incident Response, vulnerability management, and risk assessment. Public Sector experience, ideally MOD, MOJ, Must be SC clearable. Proven hands-on experience with tools such More ❯

s carefully selected team of experts are capable of solving complex cybersecurity challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with Proven defensive methodology. Our … in insurance law and claims handling. This role supports the CERT team with reviewing insurance policies, assisting with claims assessments, and contributing to breach response efforts. Ideal for someone with early in-house or private practice experience who’s ready to grow into a broader commercial legal role. This … role will provide review, assessment, advise and expertise in the management of the claims process to support CyberClan’s delivery of Incident Response projects, including analysis of claims and providing recommendation for resolution of those claims. We are seeking an experienced claims professional to join our team and More ❯

s carefully selected team of experts are capable of solving complex cybersecurity challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with Proven defensive methodology. Our … in insurance law and claims handling. This role supports the CERT team with reviewing insurance policies, assisting with claims assessments, and contributing to breach response efforts. Ideal for someone with early in-house or private practice experience who’s ready to grow into a broader commercial legal role. This … role will provide review, assessment, advise and expertise in the management of the claims process to support CyberClan’s delivery of Incident Response projects, including analysis of claims and providing recommendation for resolution of those claims. We are seeking an experienced claims professional to join our team and More ❯

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology, we … position will require extensive and frequent travel to multiple locations and sometimes on short term notice. Reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will work as part of the Post Breach Remediation team and serve as the Incident Commander in all … through mitigation and remediation Liase with DFIR team and Sales to keep open communication regarding compromised client Assist DFIR team with additional workflow through incident response cases Monitor network incidents using network monitoring tools and other systems to maintain 99.9% uptime of our network Monitor and take ownership More ❯

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology, we … position will require extensive and frequent travel to multiple locations and sometimes on short term notice. Reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will work as part of the Post Breach Remediation team and serve as the Incident Commander in all … through mitigation and remediation Liase with DFIR team and Sales to keep open communication regarding compromised client Assist DFIR team with additional workflow through incident response cases Monitor network incidents using network monitoring tools and other systems to maintain 99.9% uptime of our network Monitor and take ownership More ❯

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology, we … security teams, customer operation teams as well as breach coach legal teams. This role with be reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will work as part of the Post Breach Remediation team and will collaborate closely with other cross-functional teams … identification of root cause and issue resolution or escalation Identify and escalate priority issues that need immediate attention Meet or exceed customer expectations on response quality, timeliness of responses and overall customer experience Serve as internal and external point of contact on customer escalations and ensure customer issues are More ❯

carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber-attacks with proven defensive methodology, we … security teams, customer operation teams as well as breach coach legal teams. This role with be reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will work as part of the Post Breach Remediation team and will collaborate closely with other cross-functional teams … identification of root cause and issue resolution or escalation Identify and escalate priority issues that need immediate attention Meet or exceed customer expectations on response quality, timeliness of responses and overall customer experience Serve as internal and external point of contact on customer escalations and ensure customer issues are More ❯

represent information security being able to interpret technical design and how information security best practices should be applied. Also be able to lead with incident management investigations and conduct risk and vulnerability assessments where appropriate. Key Accountabilities & Responsibilities Role Accountabilities Conduct risk and vulnerability assessments to identify and mitigate … information security within projects ensure best practice is adhered to. Coordinate across departments to ensure risk is managed through compressive security measures and polices Incident response and management – lead and participate in complex incident investigations Develop and maintain cyber incident response plans and playbooks. Conduct … post-incident reviews and implement lessons learnt to improve the organisation’s security posture Requirements: Either Technical Operations Security experience with an interest to work within a governance role or experience working in a Security Governance role Ability to assess system controls based on a documented standard Will be More ❯

aligned with best practices. Monitor and address emerging threats, vulnerabilities, and security trends, ensuring timely implementation of countermeasures. Perform vulnerability assessments, threat analysis, and incident response. Participate in Incident response efforts by conducting log analysis, gathering evidence, and executing remediation tasks. Work closely with partners in infrastructure … such as AZ-500/AZ-700/AZ -305. Background in computer networking. Experience with a scripting language for task automation. Previous incident response participation. Previous experience working as a security or infrastructure engineer in a cloud environment. Enjoy our comprehensive benefits package designed to meet More ❯

aligned with best practices. Monitor and address emerging threats, vulnerabilities, and security trends, ensuring timely implementation of countermeasures. Perform vulnerability assessments, threat analysis, and incident response. Participate in Incident response efforts by conducting log analysis, gathering evidence, and executing remediation tasks. Work closely with partners in infrastructure … such as AZ-500/AZ-700/AZ -305. Background in computer networking. Experience with a scripting language for task automation. Previous incident response participation. Previous experience working as a security or infrastructure engineer in a cloud environment. Enjoy our comprehensive benefits package designed to meet More ❯

aligned with global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT … cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership with security operations, legal, compliance, incident response teams, etc. Qualifications & Experience: Bachelor’s degree; Preferred Management Information Systems, Computer Science, Engineering, or related discipline. 5-10 years of information …/IP, Storage devices, network devices, fail-safe strategies, system architecture, LAN and WAN and intranet/internet security environments including firewalls, intrusion detection, incident response, vulnerability testing, operating system hardening, regulatory compliance, and data classification. Experience in IAM, SEIM, Log Management, Patch Management, Vulnerability Management, eDiscovery, Cloud More ❯

aligned with global business risk/objectives. This role is focused on technical operations and support of various information security tools including event/incident management (SIEM), cloud security, endpoint detection and response, email security, and vulnerability management. This position will be responsible for supporting the Director IT … cloud security, certificate management, network security, and vulnerability management. Respond to critical incidents in a timely manner in partnership with security operations, legal, compliance, incident response teams, etc. Qualifications & Experience: Bachelor’s degree; Preferred Management Information Systems, Computer Science, Engineering, or related discipline. 5-10 years of information …/IP, Storage devices, network devices, fail-safe strategies, system architecture, LAN and WAN and intranet/internet security environments including firewalls, intrusion detection, incident response, vulnerability testing, operating system hardening, regulatory compliance, and data classification. Experience in IAM, SEIM, Log Management, Patch Management, Vulnerability Management, eDiscovery, Cloud More ❯

the fight against evolving threats. Reporting to the Head of Cyber Security, the Senior SOC Engineer will play a critical role in threat detection, incident response, and driving the implementation of best-in-class security operations across the business. 🔍 Microsoft Security Engineer Key Responsibilities: Oversee the end-to … end security monitoring process, including log management, threat detection, and response using tools like Microsoft Sentinel . Drive vulnerability management efforts and support remediation in collaboration with IT teams. Lead investigations into security incidents, coordinating with internal teams and external partners as needed. Maintain and continuously improve security controls … Skills & Experience: Must Have: SC-200 or equivalent Microsoft Security certification. Strong experience in Microsoft Security technologies: Sentinel, Defender, Purview, Azure, Intune. Experience with incident response, threat hunting, and security operations processes. Familiarity with Tenable Nessus and KQL for query building. Strong foundation in operating systems (Windows Server More ❯

the fight against evolving threats. Reporting to the Head of Cyber Security, the Senior SOC Engineer will play a critical role in threat detection, incident response, and driving the implementation of best-in-class security operations across the business. 🔍 Microsoft Security Engineer Key Responsibilities: Oversee the end-to … end security monitoring process, including log management, threat detection, and response using tools like Microsoft Sentinel . Drive vulnerability management efforts and support remediation in collaboration with IT teams. Lead investigations into security incidents, coordinating with internal teams and external partners as needed. Maintain and continuously improve security controls … Skills & Experience: Must Have: SC-200 or equivalent Microsoft Security certification. Strong experience in Microsoft Security technologies: Sentinel, Defender, Purview, Azure, Intune. Experience with incident response, threat hunting, and security operations processes. Familiarity with Tenable Nessus and KQL for query building. Strong foundation in operating systems (Windows Server More ❯