1 to 25 of 30 Incident Response Jobs in Central London

Cyber Security Consultant (Cyber Incident Response Manager) - Inside IR35 - Remote with occasional travel to London or Gloucester - 3 Months initial contract with potential to extend. We're supporting a major, ZERO CARBON energy organisation at the forefront of building a secure and resilient energy future in the appointment … Cyber Incident Response Manager. This is a high-impact role focused on evolving and optimising an already established cyber incident management capability. You'll take ownership of the strategy, maturity, and continuous improvement of the organisation's incident response and crisis management function-ensuring ...

Incident Response Manager (Cyber Threat) - Global financial services company - Full time permanent role - Salary up to £110,000 plus bonus. Hybrid working (twice a week in the London office) A large global financial services firm is looking for an Incident Response Manager within its cyber threat … point once a month for weekends) - Deliver on information security projects - Ensuring services provided meet the business requirements To be considered suitable for this Incident Response Manager role you will need the following skills and experience: - Experience in a technical cyber/incident response role - Previous ...

operations. This is a technical role suited to an experienced analyst with strong engineering instincts, hands-on coding capabilities, and a deep understanding of incident response, detection engineering, and adversary tradecraft. This position includes approximately one week per month of on-call availability for high-priority incident … ideal for someone who has likely grown from an engineering background and can write scripts (Python, Bash) to automate, enhance, and refine detection and response workflows. Experience with Splunk, SIEM operations, cloud endpoints, networks, and detection engineering will be highly advantageous. NOTE: Candidates for this role must be eligible ...

controls Oversee PKI infrastructure, digital certificates, and certificate lifecycle management Operate SIEM, MDR, and vulnerability management platforms, including liaison with external SOC providers Lead incident response activities aligned to DORA reporting timelines Assess and mitigate emerging cyber and AI-driven threats Support AWS cloud security including IAM, GuardDuty … processes, and security certificates Python scripting for automation and threat analysis Strong AWS security knowledge Experience with SIEM, MDR, vulnerability management, and incident response Knowledge of ISO 27001, DORA, FCA, and NIS2 frameworks Desirable Experience within trading, exchange, or financial services environments This is an excellent opportunity ...

mapping Risk advisory and assurance Business resilience Data privacy and GDPR ISO 27001 assessments Supply chain assurance PCI 3DS, PCI P2PE, PCI SSF audits Incident response readiness and planning Card production and PIN audits Cyber maturity assessments Incident response planning Gold/Silver/Bronze tabletops ...

Security and Splunk SOAR. You will play a critical role in ensuring these platforms are stable, scalable, and effectively supporting detection engineering, automation, and incident response functions across the SOC. Key Responsibilities Configure, maintain, and optimise SIEM and SOAR platforms, specifically Splunk ES and Splunk SOAR Design … integrations between SIEM/SOAR and wider security tooling (EDR, vulnerability management, IAM, etc.) Develop, enhance, and maintain SOAR playbooks to automate investigation and response workflows Support onboarding of log sources into SIEM, ensuring accurate parsing and normalisation Optimise search performance, data pipelines, and platform efficiency Troubleshoot issues across ...

Cyber Security team, including managing the budget for people, tools and capital projects. You’ll oversee business‐as‐usual security activity, from incident response and vulnerability management through to security engineering improvements and protecting the Council’s supply chain. You’ll also be a visible advocate for good … Borough Emergency Control Centre activation, taking part in the emergency rota, and coordinating responses with the Executive Team, the Security Operations Centre and cyber incident response partners. Qualifications You bring a strong, practical understanding of cyber security and how it supports real business outcomes. You’ve worked with ...

Alex Jessop Description Position Title: Senior DFIR Consultant Location: UK - London As a Senior DFIR Consultant, your focus will be delivering high quality incident response to our clients alongside collaborating with various individuals and divisions within our business including the Threat Intelligence teams, Security Operations Centre teams … esteemed Red Team. Key Responsibilities Deliver incident response activities across complex security events, ensuring rapid containment, investigation, and recovery. Perform advanced forensics analysis, including but not limited to, host, memory, cloud forensics. Support the Incident Manager with interrogating the data to answer the investigations objectives Providing clients ...

execution of cyber security across a global environment. This is a high-impact role reporting to the CTO, with responsibility for security operations, risk, incident response, and overall security maturity across the business. Key Responsibilities Lead global IT and product security Own risk management, SOC, and incident response Drive security strategy, governance, and awareness Deliver key programmes (cloud, identity, vulnerability management) Engage at C-suite level , translating risk into business decisions Build and lead a high-performing security team What We're Looking For Proven leadership in enterprise cyber security environments Strong background across multiple ...

Major Incident Manager (SaaS/Cloud) London/Staines | Hybrid | £62,000 | 12-month PAYE contract If you’ve handled P1 incidents, major outages, or high-pressure bridge calls , this is the kind of role where that experience actually counts. You’ll be leading critical incident response … onsite in Staines (easy commute from central London) Strong work-life balance (no expectation beyond core hours) What you’ll be doing Lead major incident (P1) response end-to-end Run incident bridges and coordinate technical teams Act as the central point of control during outages Communicate ...

reviews and monitoring KPIs Ensure compliance with IT security policy standards, including encryption, secure disposal, build hardening, monitoring, patching and access controls Lead security incident response and contribute to major incident management control Ensure effective communications outside of the IT team Production of an appropriate IT infrastructure ...

vulnerability and patch evidence, metrics and control narratives. Identify and implement automation and continuous improvement opportunities across vulnerability and patch management workflows. Collaborate with Incident Response, Threat Intelligence and Corporate Security teams to respond to actively exploited vulnerabilities and emerging threat trends. Experience Strong working knowledge of Ivanti ...

that supports precision medicine Key Responsibilities Design and develop threat-led detections using threat intelligence and threat-hunting outputs Create novel analytic techniques for incident detection Collaborate with an MSP SOC to maintain and tune the detection catalogue Build automated reporting dashboards using Microsoft Sentinel workbooks Support security initiatives … Employment Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003. Keywords: Cyber Threat Engineer, Detection & Response Engineer, SIEM Engineer, Security Detection Engineer,T hreat Hunting Engineer, Security Automation Engineer, SOC Engineer, Incident Response Engineer, Cloud Security Engineer, Network Security ...

modern engineering and traditional ITSM/ITIL practices Establish SLIs, SLOs, and Error Budgets Shape observability strategies using metrics, logs, and traces Design incident response models and post-incident learning loops Reduce toil through automation and engineering excellence Deliver SRE capability assessments and roadmaps … Looking For Extensive experience in SRE, cloud operations, or DevOps Proven consulting or advisory background Experience with AWS, Azure, or GCP Strong observability and incident management expertise Ability to obtain UK SC clearance Modis International Ltd acts as an employment agency for permanent recruitment and an employment business ...

join its Cybersecurity Operations Group. This role plays a critical part in protecting a complex global technology environment through continuous monitoring, threat detection, and incident response. The successful candidate will work closely with security and IT stakeholders, contributing to the organisation’s defensive capabilities while remaining at the forefront … attack techniques. Hands-on experience with security technologies such as EDR, XDR, SIEM, SOAR, IDS, and IPS. Experience in vulnerability analysis, security alert analysis, incident response, and email threat analysis. Ability to read and understand scripting and query languages such as PowerShell, Python, SQL, or KQL (desirable). ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 3+ years ...

ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise … engineering teams to ensure efficient data ingestion and parsing Document detection logic, methodologies, and expected outputs for audit and operational use Contribute to post-incident reviews, enhancing detection coverage and response effectiveness Maintain and evolve a repository of use cases, KPIs, and SOC performance metrics Requirements 3+ years ...

Resilience, Continuity & Recovery Manager (DORA) -Incident Manager UK Remote | Permanent Hiring a Senior Resilience, Continuity, Recovery Manager and Incident Manager with strong DORA experience to lead operational resilience, major incident management and recovery planning within a regulated financial services environment. Key experience: * MUST DORA/Operational Resilience … Major Incident Management * Business Continuity & Disaster Recovery * Financial Services/FinTech * ISO 22301/ISO 27001/NIST * Stakeholder & Regulatory Management This role will lead DORA implementation, resilience testing, ICT incident response, third-party risk and enterprise recovery planning across the business. High-impact role with strong ...

with infrastructure, development, and support teams to ensure messaging reliability, scalability, and performance across mission critical systems. You'll play a key role in incident response, monitoring, capacity planning, WAN optimisation, and automation while helping maintain a highly available messaging platform supporting real-time trading and financial applications. ...

Contract Project Managers – Vulnerability & Incident Management Global Insurance Client | 6-Month Contract | Flexible Location (Manchester/London/Southwest) | ASAP Start | £550-£600/day (inside IR35) We are supporting a confidential enterprise AI and cyber transformation programme for a global insurance organisation and are seeking experienced contract Project … Managers across multiple workstreams: Project Manager – Vulnerability & Legacy Application Remediation Technical Project Manager – Vendor/3rd Party Coordination Project Manager – Incident Management & Operational Resilience Successful candidates will have proven enterprise-scale delivery experience within complex cyber, security or technology transformation programmes. You will be comfortable operating within confidential ...

Responsibilities: Lead and deliver cyber resilience transformation programmes, owning end‐to‐end engagement delivery (scope, quality, timeline, budget) and ensuring outcomes measurably improve preparedness, response, and recovery. Design, run, and continuously enhance cyber crisis simulations and tabletop exercises for executives and operational teams—ensuring scenarios reflect the current threat … intelligence and emerging attacker tactics into practical resilience improvements—linking likely threats to business impact, critical dependencies, and control or capability gaps. Integrate cyber response and recovery into wider enterprise resilience plans, including business continuity, IT disaster recovery, operational resilience, third‐party resilience, and enterprise risk management—ensuring cyber ...

Cisco ISE. • Strong experience with Zscaler Internet Access, Zscaler Private Access, Splunk, and enterprise SIEM tooling. • Proven background in network security, threat prevention, and incident response. • Cisco CCNA and CCNP certifications. • Experience with data centre colocation and vendor/carrier management. • Strong PowerShell and scripting capabilities. • Experience across Windows ...

controls, elimination of shared/admin accounts), backup and restore strategy, retention and archival, replication, monitoring (Redgate Monitor and equivalents), licensing, performance triage, and incident response. Acting as design authority for the wider data team coaching the SQL Developers on Power BI authorship, dimensional modelling, query optimisation and report ...

help shape and drive how we build and operate reliable, observable, and cost-efficient systems. Youll work closely with development, platform, and incident management teams to define what reliable means in measurable terms and build the tooling and processes to achieve it. Your work will directly influence the speed … guardrails. Introduce and run chaos engineering experiments to improve system resilience. Automate operational processes to reduce manual intervention across the stack. Contribute to major incident response, providing engineering expertise. Collaborate cross-functionally to raise the bar on platform stability, security, and performance. Required Skills & Experience 3+ years ...

excellence across the platform. Shape the technology roadmap, contributing to architectural decisions and cloud migration strategies. Manage operational risk, security posture, monitoring, alerting and incident response for Home Finance systems. Use data and insights to guide prioritisation, engineering improvements and product decisions. Support talent development, succession planning ...