1 to 25 of 33 Incident Response Jobs in Central London

Incident Response Assistant Manager (Client facing) Hybrid/flexible on location - London, Manchester, Birmingham, ect £50k – £60k A global Risk consultancy is looking for Strong Incident Response professionals to join their Cyber Response Team, within an area of huge growth and investment. This is an excellent opportunity for exposure and growth! If you’re looking … for the next step in your incident response career, we’d love to talk to you. Day to day Responsibilities of an Incident Response Assistant Manager Manage cyber security incidents for clients, including digital forensics of relevant data Act as an advisor to clients on current cyber threats Liaise with clients on delivery and implementation Requirements … for an Incident Response Assistant Manager Broad knowledge and understanding across the cyber security landscape to be able to act as an advisor on the threat landscape Strong technical background (networks and programming knowledge) Proven experience working within Incident management and response Excellent communication both written and verbal. Incident Management Certifications are not necessary but More ❯

We are representing a consultancy that are a leader in the Cyber Security and Incident response space. If you have experience leading the legal aspects of Data Breach case this could be the role for you. This role is open to any of the multiple offices my client has across the UK. The client is looking for a … Principal Associate to support and shape the delivery of expert incident response, digital risk, and cyber advisory services for a broad portfolio of global clients, from tech innovators and major insurers to public sector bodies and emergency services. This award-winning cyber group is uniquely positioned at the intersection of law, digital forensics, and strategic response. With capabilities … that span incident response, regulatory strategy, privacy law, threat intelligence, security controls, and tech litigation, they’re rewriting how legal support is delivered in high-pressure digital environments. What You’ll Be Doing You’ll play a critical role across matters ranging from real-time cyber incidents to regulatory investigations, and ongoing advisory support. Key responsibilities include: Leading More ❯

Senior Security Operations Analyst to join a global security operations and incident response team based in London. In this highly critical role, the Senior Security Operations Analyst will be responsible for monitoring and analysing security incidents, responding to threats in real-time, and ensuring the integrity of all systems and platforms. Your expertise will help identify vulnerabilities and … other security technologies. Creating detection use cases in the SIEM, analysing security event data for proactive threat hunting, and conducting research on the latest threats and vulnerabilities to enhance incident response readiness and capabilities. Responding to security incidents, performing initial analysis and escalation as necessary. Participating in incident response planning and execution, ensuring timely containment and … remediation of security breaches. Researching and analysing emerging threats and vulnerabilities to adapt security measures accordingly. Documenting security incidents, identifying gaps from incidents and recommending improvements, developing and maintaining incident response plans and SOPs. Preparing detailed reports for stakeholders on security incidents and trends. Working closely with cross functional technical teams to ensure the security of systems and More ❯

or privacy incidents. Identify and implement recovery operations to maintain critical services and ensure organisational resilience during incidents. Maintain and update the Business Continuity Policy, Business Continuity Plan, and Incident Response Policy to ensure they remain current and effective. Develop Incident Response checklist, playbooks, communication plans Act as a primary contact for incident response … in Business Continuity, Operational Resilience, and Risk Management within a regulated environment. Familiarity with ISO 22301 and resilience regulatory requirements (FCA/PRA or equivalent). Proven experience in incident response, business impact assessments, and continuity planning. Excellent communication and stakeholder management skills, with the ability to engage at all levels. More ❯

SOC Analysts to join their Security Operations Centre. This is an excellent opportunity for an experienced SOC professional to step into a senior role, leading on complex investigations and incident response within a high-profile environment. The Role - The Senior SOC Analyst will act as the technical expert within the SOC, responsible for handling escalations from Tier … and Tier 2 analysts and managing the most complex security incidents. You will lead deep-dive investigations, improve detection and response processes, and play a key role in stakeholder engagement. Key responsibilities include: Analysing advanced security incidents, determining root cause and attack paths. Leading incident response activities across SIEM, EDR/XDR, networks, and cloud platforms. Producing … clear, business-focused incident reports and updates for senior stakeholders. Advising on SOC tooling and ensuring effective integration of incident response requirements. Supporting security exercises, crisis response, and compliance alignment with industry frameworks. Candidate Profile - The successful candidate will bring: Significant experience in SOC operations and cyber incident response. Strong knowledge of adversary TTPs and More ❯

on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems … scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM More ❯

delivers logs, metrics, traces, and security monitoring — cutting costs by up to 70% while boosting efficiency. They are looking for a Lead SRE to own and elevate our Alerting & Incident Management platform . You’ll be the driving force behind reliability, customer satisfaction, and product excellence — ensuring smooth alert management, fewer engineering interruptions, and a best-in-class incident response experience. This role blends technical depth, customer impact, and product strategy — perfect for someone who thrives at the intersection of engineering, incident response, and product innovation. What You’ll Do Champion customer experience by speeding up alert resolution and reducing interruptions for engineers. Build solutions to common pain points, shaping roadmaps, documentation, and technical knowledge. … Develop benchmarking tools to improve performance, reliability, and scalability. Stay ahead of incident management trends to drive new workflows and product improvements. Mentor teams and lead with clear, impactful communication. What We’re Looking For 5+ years in software engineering, DevTools, or infrastructure. Strong expertise in incident management, alert routing, and large-scale orchestration. SaaS or incident More ❯

incidents using SIEM tools (Splunk) to create detection use cases, analyse security event data for proactive threat hunting and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and capabilities. Location/WFH: You'll join the team in brand new Central London based offices three days a week with flexibility to work from … home the other two days. About you: You are degree educated in Cyber Security or Computer Science You have strong experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of More ❯

Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous More ❯

broad range of ServiceNow modules, including but not limited to: Integrated Risk Management (IRM): Policy Management, Compliance & Audit Management, Vendor Risk Management, Business Continuity Management. Security Operations (SecOps): Vulnerability Response, Security Incident Response, Security Dashboards. IT Service Management (ITSM). IT Operations Management (ITOM). Customer Service Management (CSM). Integration Design: Design and oversee the implementation More ❯

Governance setups Implement Data Loss Prevention (DLP) and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with SOC and managed Sentinel provider on incident handling Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit preparation Configure … insider risk management, audit, and eDiscovery capabilities Track Secure Score and recommend improvements Configure monitoring and alerts using Microsoft tools (Sentinel, Defender) Participate in incident response and post-incident reviews Contribute to the development of business continuity and disaster recovery plans Track KPIs and generate reports using Microsoft compliance and security solutions Work closely with DevOps, infrastructure More ❯

Benefits Clearance: Must hold or be eligible for SC Clearance Sponsorship: Not available We're seeking a highly skilled SOC Solutions Engineer to enhance security operations and strengthen detection & response strategies. This is a hands-on engineering role focused on IBM QRadar, playbook automation, and advanced threat modelling to deliver cutting-edge security solutions. What you'll do: SIEM … Engineering & Management: Deploy, configure, and optimise QRadar. Onboard log sources from cloud/on-prem environments. Build detection and anomaly rules. Playbook Development & Automation: Design and implement automated response playbooks (phishing, lateral movement, exfiltration) with SOAR tools (e.g., Logic Apps, XSOAR). Threat Detection & Response: Investigate alerts, enrich detection logic with threat intel, coordinate incident response. Threat … in IT security (SOC/NOC environment preferred). Strong knowledge of log parsing, SIEM query languages (KQL, SPL, AQL), and automation with Python/PowerShell. Deep understanding of incident response, threat detection, and frameworks (MITRE, NIST, CIS). Knowledge of vulnerability scanning, penetration testing, and network traffic analysis. Familiarity with ITIL processes (Incident, Problem, Change). More ❯

Principal Security Analyst will support busy pods on more complex issues, lead and coordinate threat hunting activities, perform and lead vulnerability assessment activities and perform SIEM-based event analysis, incident triage and coordinate incident response activities. Furthermore, the Principal Security Analyst will actively collaborate with other analysts and enhance the teams effectiveness through ownership of relevant issues More ❯

The company also offers direct payment and settlement solutions for travel operators. 🔍 What You’ll Do 🕵️ ♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation More ❯

and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities . … What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and hybrid architectures. More ❯

cyber security strategy across IT Security, Cyber Security, and Information Security. Oversee security controls, risk management, and compliance across cloud and on-prem environments. Manage threat detection, monitoring, and incident response using Microsoft Defender, Sentinel, and Entra ID. Lead identity & access management (IAM) and ensure secure authentication processes. Support M&A security assessments and integrations, ensuring due diligence. More ❯

trends and best practices. Qualifications: •Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. •Basic knowledge of cybersecurity principles, including threat detection, risk management, and incident response. •Familiarity with security tools like SIEM systems, firewalls, or endpoint protection is a plus. •Strong analytical and problem-solving skills. •Excellent communication skills with the ability to explain More ❯

their global Cyber Insights & Analytics team. This is a hands-on role where you ll transform diverse data sources. Ranging from policy and claims to cyber threat intelligence and incident response, into actionable insights that strengthen our underwriting decisions and frameworks. With their data strategy making strong progress, this is an exciting opportunity for someone with a few More ❯

their global Cyber Insights & Analytics team. This is a hands-on role where you’ll transform diverse data sources. Ranging from policy and claims to cyber threat intelligence and incident response, into actionable insights that strengthen our underwriting decisions and frameworks. With their data strategy making strong progress, this is an exciting opportunity for someone with a few More ❯

security posture and external security rating. Identify vulnerabilities in hardware and software to be remediated by Engineering\Operations teams. Understand current and emerging security threats. Assist and lead in Incident Response investigations and mitigation. Evaluate, test and recommend security enhancements. Support CE+ accreditation Identify security risks and exposures, determine the cause of security violations and suggest procedures to More ❯

testing, and ethical hacking engagements Plan and deliver cyber attack simulations, vulnerability assessments, and social engineering tests Work with SOC teams on purple team exercises to enhance detection and response Produce executive reporting on cyber threats, risks, and remediation progress Collaborate with security and infrastructure teams to strengthen overall cyber resilience Skills & Experience 3+ years in penetration testing/… ethical hacking/red teaming Strong understanding of cyber threats, APTs, threat actor tactics, and exploit development Familiar with SIEM, defensive security monitoring, incident response, and detection engineering Deep knowledge of network, web application, and enterprise architecture security Excellent communication skills to present cyber risk insights to stakeholders Hybrid working model - 3 days in the London office. Competitive More ❯

experience of working with Microsoft Sentinel, Defender and Purview • Excellent understanding of security frameworks (NIST and Cyber Essentials) • Ability to lead and manage third party providers • Strong understanding of incident response processes and methodologies including leading and managing incidents • Lead on root cause analysis, providing relevant documentation including recommendations • indemonstrable experience of implementing a robust and trustworthy security More ❯

validation, and regulatory obligations. Support AI governance frameworks ensuring ethical, explainable, and compliant use of AI across financial services. Digital Operational Resilience (DORA) Deliver gap assessments, compliance roadmaps, and incident response readiness programmes aligned to the EU Digital Operational Resilience Act (DORA). Advise financial institutions on resilience testing, regulatory reporting, and ICT risk management. Support the integration More ❯

validation, and regulatory obligations. Support AI governance frameworks ensuring ethical, explainable, and compliant use of AI across financial services. Digital Operational Resilience (DORA) Deliver gap assessments, compliance roadmaps, and incident response readiness programmes aligned to the EU Digital Operational Resilience Act (DORA). Advise financial institutions on resilience testing, regulatory reporting, and ICT risk management. Support the integration More ❯

Commercial awareness with a track record of delivering profitable portfolio growth. Confident communicator with strong broker relationships and market presence. Familiarity with cyber risk scoring tools, pricing models, and incident response frameworks. Professional qualifications such as ACII, or relevant technical certifications (e.g. CISSP) are an advantage. Experience working in a Lloyd’s, MGA cyber underwriting environment. Exposure to More ❯