1 to 25 of 36 Incident Response Jobs in Central London

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat ...

into change initiatives, and security by design principles are applied. Provide 3rd line support to the IT service desk, responding to support requests and incident tickets which have been triaged and escalated to the cybersecurity operations team, and provide out of hours support through participation in an on-call … threat hunting, analysing logs and event data across the firms' systems, and procuring threat intelligence to inform the hunts. Provide technical leadership during security incident response, from identification through to containment, eradication, recovery and post incident review, reporting and recommendations; liaising with external IR providers as required. ...

play a key role in ensuring our systems and processes align with ISO 27001 and SOC 2 requirements, contributing to risk assessments, and supporting incident response activities. Working closely with product and engineering teams, you’ll help embed security into the design of our Microsoft Word … threat modelling, define non-functional security requirements, and review designs for security impact. Guide security considerations in our AI/LLM-enabled products. Risk & Incident Management Own the company-wide incident response plan and lead tabletop exercises. Perform ongoing risk assessments, vendor security reviews, and DPIAs. Ensure ...

posture. Support the implementation and maintenance of security frameworks and standards aligned to industry best practice. Develop and maintain documentation for operational processes and incident response procedures. Contribute to internal knowledge bases to support consistency and efficiency within the function. Identify opportunities to automate security tasks and workflows … using scripting or similar tools. Produce regular reporting on security activity, including incident trends, performance metrics and compliance status. Experience wanted: Proven experience operating within a Security Operations or Incident Response environment. Strong knowledge of securing and hardening Windows-based environments. Experience using scripting (e.g. PowerShell ...

analysts, and acting as a trusted advisor to clients and internal stakeholders. The role blends offensive attacker‐mindset insight with deep defensive detection and response expertise, making it a key differentiator for both service delivery and pre‐sales engagements. Key Responsibilities Threat Hunting Programme Development Design and establish … requirements Clear success metrics and measurable outcomes Define and embed how threat hunting integrates with: SIEM detections and detection engineering SOC operations and workflows Incident response processes Intelligence‐led prioritisation and use‐case development Ensure hunting outputs directly inform continuous service improvement Hands‐On Threat Hunting & Intelligence Conduct ...

pipeline health, compute utilisation, and deployment status. Collaborate with data engineering to ensure upstream data quality and pipeline reliability for ML feature inputs. Develop incident response procedures and runbooks for ML system failures. Infrastructure & Cost Optimisation Manage and optimise AWS compute resources (Batch, EC2, or similar) used … control workflows. Familiarity with SQL and data warehousing platforms (Snowflake preferred). Experience implementing monitoring, logging, and alerting for production systems. Strong debugging and incident response skills for complex distributed systems. Preferred Qualifications Experience deploying models to edge or embedded devices. Background in healthcare, medical devices, or clinical ...

execution of cyber security across a global environment. This is a high-impact role reporting to the CTO, with responsibility for security operations, risk, incident response, and overall security maturity across the business. Key Responsibilities Lead global IT and product security Own risk management, SOC, and incident response Drive security strategy, governance, and awareness Deliver key programmes (cloud, identity, vulnerability management) Engage at C-suite level , translating risk into business decisions Build and lead a high-performing security team What We're Looking For Proven leadership in enterprise cyber security environments Strong background across multiple ...

analysis to identify and mitigate potential threats. Design and enforce security controls based on identified requirements and gaps in existing structures. Threat Detection and Response Monitor and respond to security incidents ensuring rapid and effective action. Develop comprehensive incident response plans to maintain organisational resilience against threats. ...

reviews and monitoring KPIs Ensure compliance with IT security policy standards, including encryption, secure disposal, build hardening, monitoring, patching and access controls Lead security incident response and contribute to major incident management control Ensure effective communications outside of the IT team Production of an appropriate IT infrastructure ...

vulnerability and patch evidence, metrics and control narratives. Identify and implement automation and continuous improvement opportunities across vulnerability and patch management workflows. Collaborate with Incident Response, Threat Intelligence and Corporate Security teams to respond to actively exploited vulnerabilities and emerging threat trends. Experience Strong working knowledge of Ivanti ...

similar, Industry certifications such as CompTIA Security+, GIAC, CISM, CISSP or other relevant certification preferred Strong understanding of network and end point security, incident response, threat intelligence, and vulnerability management Experienced with security tools such as SIEM platforms, EDR/XDR solutions, firewalls, IDS/IPS Strong knowledge ...

join the firm in London. Responsibilities: * Undertake efficient, effective and proactive day-to-day cybersecurity operations to minimise the risk of a security incident, enabling the firm to do business. * Maintain the capability to react and respond to incidents in an effective and timely manner, minimising their impact … event data across the firms' systems, and procuring threat intelligence to inform the hunts. Key Skills: * Strong understanding of network and end point security, incident response, threat intelligence, and vulnerability management. * Experienced with security tools such as SIEM platforms, EDR/XDR solutions, firewalls, IDS/IPS. * Strong ...

join its Cybersecurity Operations Group. This role plays a critical part in protecting a complex global technology environment through continuous monitoring, threat detection, and incident response. The successful candidate will work closely with security and IT stakeholders, contributing to the organisation’s defensive capabilities while remaining at the forefront … attack techniques. Hands-on experience with security technologies such as EDR, XDR, SIEM, SOAR, IDS, and IPS. Experience in vulnerability analysis, security alert analysis, incident response, and email threat analysis. Ability to read and understand scripting and query languages such as PowerShell, Python, SQL, or KQL (desirable). ...

high-calibre quantitative investment firm building a new security function alongside a completely refreshed technology environment. This is a rare opportunity to shape Detection & Response properly from day one, rather than inherit a noisy SIEM, half-owned tooling and legacy processes. The role suits a deeply technical security engineer … turn those opinions into production-grade capability. You’ll work closely with senior security leadership to design the data, tooling, automation and response foundations that protect a fast-moving investment platform... Key Responsibilities Define and build the firm’s Detection & Response capability across endpoint, network, cloud and internal ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 3+ years ...

Resilience, Continuity & Recovery Manager (DORA) -Incident Manager UK Remote | Permanent Hiring a Senior Resilience, Continuity, Recovery Manager and Incident Manager with strong DORA experience to lead operational resilience, major incident management and recovery planning within a regulated financial services environment. Key experience: * MUST DORA/Operational Resilience … Major Incident Management * Business Continuity & Disaster Recovery * Financial Services/FinTech * ISO 22301/ISO 27001/NIST * Stakeholder & Regulatory Management This role will lead DORA implementation, resilience testing, ICT incident response, third-party risk and enterprise recovery planning across the business. High-impact role with strong ...

Support application and infrastructure deployments Work with CI/CD pipelines to ensure smooth and consistent releases Monitor systems using dashboards and alerts Support incident response and help troubleshoot issues Requirements: Basic understanding of cloud platforms (AWS, Azure, or GCP) Familiarity with Linux systems and networking basics Familiarity ...

with infrastructure, development, and support teams to ensure messaging reliability, scalability, and performance across mission critical systems. You'll play a key role in incident response, monitoring, capacity planning, WAN optimisation, and automation while helping maintain a highly available messaging platform supporting real-time trading and financial applications. ...

Responsibilities: Lead and deliver cyber resilience transformation programmes, owning end‐to‐end engagement delivery (scope, quality, timeline, budget) and ensuring outcomes measurably improve preparedness, response, and recovery. Design, run, and continuously enhance cyber crisis simulations and tabletop exercises for executives and operational teams—ensuring scenarios reflect the current threat … intelligence and emerging attacker tactics into practical resilience improvements—linking likely threats to business impact, critical dependencies, and control or capability gaps. Integrate cyber response and recovery into wider enterprise resilience plans, including business continuity, IT disaster recovery, operational resilience, third‐party resilience, and enterprise risk management—ensuring cyber ...

control Support budgeting and financial planning with senior leadership Resilience & Business Continuity Ensure effective disaster recovery and business continuity capabilities Oversee backup, recovery, and incident response planning Provide leadership during major incidents and drive continuous improvement Skills & Experience Proven experience operating as a CTO or Fractional ...

controls, elimination of shared/admin accounts), backup and restore strategy, retention and archival, replication, monitoring (Redgate Monitor and equivalents), licensing, performance triage, and incident response. Acting as design authority for the wider data team coaching the SQL Developers on Power BI authorship, dimensional modelling, query optimisation and report ...

including modernisation and decommissioning of systems. - Operational Excellence and Service Management: Accountable for platform availability, performance and resilience. Oversea 3rd level support and major incident response. - Security & Risk Management: Ensure security is embedded by design across all platforms. - Automation & Continuous Improvement: Drive automation and standardisation across platform services. - Leadership ...

Experience onboarding new technologies from a security perspective • Exposure to AI, cloud, SaaS, or enterprise technology transformation programmes • Strong understanding of security operations, monitoring, incident response, and cloud security • Experience operating across both architecture and hands-on delivery • Ability to work with senior stakeholders across technical and business ...