1 to 25 of 88 Incident Response Jobs in Central London

Head of Security

Hiring Organisation
Levy Global
Location
City of London, London, United Kingdom
them on a permanent basis. You will help to establish and lead local security operations capability across European offices, providing strategic technical leadership in incident response, cyber threat visibility, and security resilience. This role will bridge the gap between our centralized corporate security services and regional business needs. … Responsibilities Incident Response & Security Operations Lead and mature security incident response capabilities across the organisation Oversee incident investigations, alert triage, and threat hunting activities Develop and execute tabletop exercises and incident response playbooks Provide expert technical guidance during security incidents and recovery efforts ...

Cyber Security & Centralised Services Manager

Hiring Organisation
MFK Recruitment
Location
SE1, Southwark, Greater London, United Kingdom
Employment Type
Permanent
Salary
£55000 - £65000/annum
primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document … infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams ...

Lead Cybersecurity Incident Responder - GIAC, IR, Cyber

Hiring Organisation
Adecco
Location
City of London, London, United Kingdom
Employment Type
Permanent
Lead Cybersecurity Incident Responder - IR, Cyber, Salary: Competitive, based on experience + benefits Location: London/Hybrid (some European travel) About the Organisation This forward-thinking cybersecurity intelligence organisation is recognised as a European leader, partnering with some of the most prominent brands to anticipate, prevent, and respond … innovate, and make a real impact. Who We're Looking For We are seeking a highly experienced cybersecurity professional with a strong background in incident response and advanced security operations. Essential experience and skills: * Extensive hands-on experience in Incident Response (IR), SOC, MSSP, CSIRT ...

Cyber Security Analyst

Hiring Organisation
ED&F Man Commodities
Location
City of London, London, United Kingdom
role will suit a technically capable individual with experience in security operations who is looking to broaden their exposure across security monitoring, engineering, and incident response within a dynamic environment. The role provides hands-on involvement in triaging and investigating security alerts, acting as an escalation point … outsourced Security Operations Centre (SOC), supporting major incident response activities. The successful candidate will work closely with infrastructure and network teams to manage and optimise endpoint, email, identity, and vulnerability management platforms, while contributing to continuous improvement of the organisation’s security posture. This role offers the opportunity ...

Senior Cyber Operations Analyst

Hiring Organisation
Anson McCade
Location
City of London, London, United Kingdom
Employment Type
Permanent, Work From Home
Operations Analyst to join a fast-growing Blue Team within our Cyber Practice. You will work with high-profile clients to ensure effective cyber incident detection, response, and threat mitigation across cloud, endpoint, and network environments. Key Responsibilities: Develop, maintain, and enhance security detection content for SIEM platforms … escalation for junior analysts. Serve as a technical subject matter expert on client engagements, presenting findings to senior stakeholders. Participate in alert testing, incident response exercises, and threat hunting activities. Stay up to date with the latest threat intelligence and emerging attacker tactics. Additional Responsibilities (client-dependent): Threat ...

Site Reliability Program Manager

Hiring Organisation
HCLTech
Location
City of London, London, United Kingdom
provider. Provide Hands-on technical support to Engineers to meet SLAs and support major migrations. Responsible for driving initiatives that improve system reliability, availability, incident response, and overall operational excellence. Coordinate efforts across SRE, engineering, product, support, and other teams to deliver high-quality, stable services and infrastructure. … week and be flexible for 5 days if necessary. Experience with PaaS/SaaS, cloud environments, distributed systems, observability tooling, on-call/incident management tools. Data-driven mindset: comfortable analysing metrics, generating reports, and driving improvements based on data. Familiarity with SRE principles — high availability, reliability, observability, incident ...

Cyber Security Specialist

Hiring Organisation
Anson McCade
Location
City of London, London, United Kingdom
operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

Senior SOC Analyst

Hiring Organisation
InfoSec People Ltd
Location
City of London, London, United Kingdom
intelligence, and security leadership. Key Responsibilities Act as the final escalation point for complex security alerts and incidents across the enterprise Lead and coordinate incident response activities, including containment, eradication, and post-incident reviews Perform advanced threat hunting and proactive investigations using SIEM, EDR, and cloud telemetry … MITRE ATT&CK Work extensively with the Microsoft Security stack, including Sentinel, Defender XDR, Entra ID, and M365 Security Improve SOC processes, playbooks, and response procedures to reduce MTTD and MTTR Support and mentor Level 1 and Level 2 analysts, raising overall SOC capability Collaborate with wider security teams ...

Senior Cyber Operations Analyst

Hiring Organisation
Anson McCade
Location
City of London, London, United Kingdom
Cyber Practice as part of our Blue Team, where you'll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. If you're looking to make your mark on a rapidly growing SecOps team with some very exciting clients, this … attention to detail, and a strong background in cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key Responsibilities Detection Engineering - Develop, maintain, and enhance security detection content primarily for the Splunk SIEM, to enable the detection ...

Cyber Security Analyst

Hiring Organisation
MLM Search LTD
Location
City of London, Greater London, United Kingdom
Employment Type
Permanent
Salary
£60000 - £70000/annum
implementing, operating, and monitoring technical security controls across IT and operational environments. The role is hands-on and delivery-focused, covering vulnerability management, incident response, identity and access controls, security tooling, and technical risk mitigation, while working in alignment with governance and risk requirements. Key Responsibilities Security … Controls & Architecture Vulnerability & Threat Management Incident Response Identity, Access & Data Security Risk & Compliance Support Security Training and awareness Required Technical Experience: Proven experience in a hands-on IT security/cybersecurity role Logging and monitoring Security Tooling (vulnerability scanning (Tenable, Qualys, Rapid7) Endpoint or network security platforms ...

Head of Information and Cyber Security

Hiring Organisation
Sadler Recruitment
Location
City of London, London, United Kingdom
cyber security, able to engage deeply with architecture, designs, and risk trade-offs Talk audit and risk (!) – talk at board and committee level Lead incident response, risk management, and disaster recovery with both strategic oversight and technical understanding Line manage two Data Protection Officers (DPOs), ensuring privacy, governance … challenging across areas such as: Network and firewall architecture Identity and access management and MFA Vulnerability management and patching strategies Phishing, endpoint protection, and incident response workflows You will be expected to make technical decisions, not simply approve recommendations. Essential Experience Senior Manager, Lead, or Head-level experience ...

IRM ServiceNow consultant

Hiring Organisation
HCLTech
Location
City of London, London, United Kingdom
solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge ...

Security Engineer

Hiring Organisation
Granola
Location
City of London, London, United Kingdom
risk assessments to proactively identify potential risks and develop mitigation strategies Track, analyse, and manage vulnerabilities in applications, providing guidance for remediation efforts Support incident response by investigating and analyzing security incidents related to applications Stay current on the latest security threats, vulnerabilities, and technologies to enhance … background looks something like: Extensive experience in application security, cybersecurity, or related fields Strong understanding of secure coding practices, threat modelling, risk assessments, and incident response Proficiency in programming languages such as TypeScript, Python, or similar Experience with security tools, security protocols, encryption methods, and application security frameworks ...

Information Security Analyst

Hiring Organisation
Harrington Starr
Location
City of London, London, United Kingdom
work GRC experience ideally encompassing policy & documentation and third party risk (including RFIs) Experience of threat intelligence, network security, vulnerability management, and incident response Strong business facing skills ideally gained from working in a corporate/enterprise environment Incident response experience Please send your ...

ServiceNow IRM- Functional Consultant

Hiring Organisation
HCLTech
Location
City of London, London, United Kingdom
solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge ...

Data Protection Analyst

Hiring Organisation
Broadgate
Location
City of London, London, United Kingdom
high-risk processing activities. Managing third-party vendor data protection risk, from initial due diligence through to ongoing monitoring. Overseeing personal data breach incident response, ensuring timely containment, investigation, and reporting. Monitoring and maintaining data retention processes, ensuring compliance with legal, regulatory, and business requirements. This role offers … compliance (e.g. GDPR or equivalent frameworks). Strong understanding of data protection risk assessment and mitigation processes. Proven experience in data breach management and incident response coordination. Desirable Skills and Attributes Collaboratively curious — keen to engage with colleagues to find pragmatic, compliant solutions. Trustworthy and ethically minded, with ...

Security Engineer

Hiring Organisation
Stott and May
Location
City of London, London, United Kingdom
Azure Implement and enforce best practices in Identity & Access Management to ensure secure configurations Collaborate with the Security Operations Centre (SOC) on detection, response, and incident management activities Maintain and optimise email security solutions such as Mimecast and Material Security, including threat mitigation and authentication protocols Manage endpoint … controls with standards such as ISO 27001, PCI-DSS and SOC2, contributing to audits and compliance efforts Investigate security incidents, supporting forensic analysis and incident reporting Monitor emerging security trends, recommend improvements, and implement innovative solutions to stay ahead of evolving threats Required Skills: Strong working knowledge of industry ...

InfoSec Lead

Hiring Organisation
La Fosse
Location
City of London, London, United Kingdom
secure SDLC practices with DevOps and engineering teams. Lead security programmes across endpoints, cloud, and customer facing products. Continuously improve security monitoring, tools, and incident readiness. 3. Incident Management & Operational Security Take ownership of security incidents as the primary point of contact. Coordinate response across internal teams … penetration tests and security assessments, track findings, and verify remediation. Your Present Skillset • Strong engineering experience, preferably in cloud or application security. • Expertise in incident response, SOC operations, and working with MSSPs • Deep understanding of cloud-native environments and infrastructure-as-code. • Experienced in defining and implementing security ...

Site Reliability Engineer - SC Cleared

Hiring Organisation
Cognizant
Location
City of London, London, United Kingdom
reliability & cost: Apply SRE practices (error budgets, change management, resilience testing), right‐size resources, and use cloud provider tooling for security/cost posture. Incident response & on‐call: Participate in a fair, documented on‐call rota; lead and/or contribute to incident handling, comms, post‐incident … define metrics/traces/logs, tune alerts, and drive SLOs. Scripting & automation: Proficiency in Python and Bash; experience with boto3 or equivalent SDKs. Incident management: Exposure to production incidents, on‐call participation, and post‐incident review practices. Clear communication, stakeholder partnership, and a bias to automate, document ...

Site Reliability Engineer

Hiring Organisation
Cognizant
Location
City of London, London, United Kingdom
reliability & cost: Apply SRE practices (error budgets, change management, resilience testing), right‐size resources, and use cloud provider tooling for security/cost posture. Incident response & on‐call: Participate in a fair, documented on‐call rota; lead and/or contribute to incident handling, comms, post‐incident … define metrics/traces/logs, tune alerts, and drive SLOs. Scripting & automation: Proficiency in Python and Bash; experience with boto3 or equivalent SDKs. Incident management: Exposure to production incidents, on‐call participation, and post‐incident review practices. Clear communication, stakeholder partnership, and a bias to automate, document ...

IRM ServiceNow Architect

Hiring Organisation
HCLTech
Location
City of London, London, United Kingdom
including but not limited to: Integrated Risk Management (IRM): Policy Management, Compliance & Audit Management, Vendor Risk Management, Business Continuity Management. Security Operations (SecOps): Vulnerability Response, Security Incident Response, Security Dashboards. IT Service Management (ITSM). IT Operations Management (ITOM). Customer Service Management (CSM). Integration Design ...

ServiceNow IRM Architect

Hiring Organisation
HCLTech
Location
City of London, London, United Kingdom
including but not limited to: Integrated Risk Management (IRM): Policy Management, Compliance & Audit Management, Vendor Risk Management, Business Continuity Management. Security Operations (SecOps): Vulnerability Response, Security Incident Response, Security Dashboards. IT Service Management (ITSM). IT Operations Management (ITOM). Customer Service Management (CSM). Integration Design ...

Cyber Security Engineer (Hedge Fund) - Python/Powershell/SQL/Tableau BI/NIST/CISSP/CISA - PERM

Hiring Organisation
Scope AT Limited
Location
City, London, United Kingdom
Employment Type
Permanent
Salary
GBP Annual
technical environments. Stay current with emerging threats, regulatory changes, and industry best practices in risk management, compensating controls, and evolving enterprise technologies. Assist with incident response planning and post-incident risk evaluation, leveraging broad technical knowledge to assess impacts and recommend improvements. Qualifications/Skills Required Demonstrated ...

Lead – SOC Incident Manager

Hiring Organisation
Colt Technology Services
Location
City of London, London, United Kingdom
deep local presence, Colt is big enough to deliver and small enough to care. Why we need this role? As the Lead - SOC Incident Manager, your role will encompass communicating cybersecurity incidents to key partners across the enterprise as well as being the main interface between the Colt business … security incidents across the enterprise. What you will do: You will play a key role within the SOC to manage incidents: Lead and coordinate response efforts to cyber security incidents caused by internal and external threats to reduce the impact of these incidents to Colt and its customers. ...

IT Security Engineer - Global Software company

Hiring Organisation
hireful
Location
Central London, London, England, United Kingdom
Employment Type
Full-Time
Salary
£70,000 - £80,000 per annum
industry experience in a similar role, in a technical environment. Good understanding of security principles, technologies, and best practices, including threat detection and security incident response processes. Experience implementing security in AWS environments (in the main), including proactive configuration of AWS accounts and assets to meet good security ...