london (city of london), south east england, united kingdom
CyPro
SOC Analyst role where you’re pigeonholed into one narrow specialism. At CyPro, you’ll have the opportunity to get involved in a wide range of areas including monitoring, incident response, threat intelligence, detection engineering, automation and internal security operations. You’ll play a key role in our Security Operations Centre, delivering 365-day monitoring, detection and response … As the team grows further, you’ll have the flexibility to focus more deeply on the areas that interest you most – whether that’s advanced detection engineering, threat intelligence, incident response leadership or platform automation. If you’re ambitious and want to help shape something rather than simply follow a process, this is the right environment for you. … Core Responsibilities: Security Monitoring & Incident Response Monitor security alerts generated by Microsoft Sentinel, Microsoft Defender, Datadog and Elastic. Assess severity and impact of alerts, triage and investigate incidents independently. Execute containment and remediation actions using defined runbooks and playbooks. Correlate data across platforms to identify anomalies, malicious patterns and attacker behaviour. Produce detailed incident reports, RCA and
City of London, London, United Kingdom Hybrid / WFH Options
Tesco
Senior Incident Responder (DFIR) 🚨 Location: Hybrid (UK-based) Job Type: Full-time Salary: Competitive + up to 20% annual bonus Are you a seasoned DFIR professional with a passion for digital forensics and incident response? Do you thrive in high-pressure environments and want to make a real impact in protecting one of the UK’s largest … retailers? If so, Tesco Technology wants you on our team. We’re looking for a Senior Incident Responder to join our cutting-edge Digital Forensics and Incident Response (DFIR) team. You’ll play a pivotal role in investigating and responding to complex security threats across our global estate, working alongside our security operations, threat intelligence, and engineering … teams. What You’ll Be Doing 🕵️ Lead Investigations: Conduct host, network, and cloud-based forensic analysis to uncover the full scope of security incidents. 🛡️ Incident Handling: Support incident managers with root cause analysis and recommend detection and prevention strategies. ⚙️ Drive Innovation: Improve and automate DFIR workflows, collaborating across teams to enhance our security capabilities. 🔍 Threat Hunting: Lead intelligence
london (city of london), south east england, united kingdom
Cantor Fitzgerald
Responsibilities will include: Monitor, analyze, and respond to security events and incidents using SIEM and other security tools. Develop and maintain detection rules, playbooks, and automation scripts to improve incident response efficiency. Perform threat hunting and forensic investigations across IT environment. Collaborate with infrastructure and application teams to ensure secure configurations and compliance. Maintain and improve endpoint protection … intrusion detection/prevention systems. Document incident response procedures and contribute to post-incident reviews. Create network diagrams and as-built documents. Develop and maintain a strong partnership with relevant global businesses and technical leaders and teams, including 3rd parties and affiliate businesses. Stay current with emerging threats, vulnerabilities, and security technologies. Qualifications and Skills: Education Bachelor
london (city of london), south east england, united kingdom
Cantor Fitzgerald
identity governance and access controls. Define and enforce security and identity policies across cloud platforms (AWS, Azure, GCP). Document system configurations, standards, and procedures in a centralized location. Support Incident Response on security incidents globally, including contributing to table-top security incident exercises. Advise project teams, application owners, infrastructure services, and other digital Information Technology teams on … including 3rd parties and affiliate businesses. Monitoring, collecting, analyzing and reporting of security metrics and indicators to ensure the proper operations of our regional systems and services. Regional security incident response and management point of contact and drive incident postmortems to find the root cause and track action items to completion. Experience working with Service Management, Incident
City of London, London, United Kingdom Hybrid / WFH Options
Ipsotek, an Eviden business
assessments and coordinate penetration testing activities with external vendors and internal teams. Track and manage remediation efforts across infrastructure, applications, and cloud environments. Establish and maintain a Product Security Incident Response Team (PSIRT) process to handle reported vulnerabilities, disclosures, and security incidents related to Ipsotek products. Ensure timely triage, investigation, and resolution of product-related security issues. Security … Operations (SecOps) Oversee incident response, monitoring, and reporting processes. Manage security tooling and automation for detection and prevention. Continuously improve threat detection and response capabilities. Cross-Functional Collaboration Work with development teams to embed secure coding practices and DevSecOps principles. Support project operations and presales with security input for bids, proposals, and delivery. Provide security guidance during
london (city of london), south east england, united kingdom
WillHire
data, monitoring threats, and building security controls across our HR-tech ecosystem. This is an opportunity to get hands-on experience working on real attack surfaces, security audits, and incident response workflows in a fast-growing tech environment. Key Responsibilities Assist in monitoring and analyzing network traffic, logs, and system alerts to identify potential threats Perform vulnerability … exploitable weaknesses Assist with hardening of systems, identity & access management, and secure configuration of cloud assets Research emerging cyber threats, malware trends, and document recommended countermeasures Support creation of incident response plans, SOPs, and security awareness documents Maintain security documentation, audit trails, and compliance reports Requirements Currently pursuing (or recently completed) B.Tech/BE/M.Tech/MSc
london (city of london), south east england, united kingdom
AirSearch
security posture, addressing vulnerabilities and implementing intrusion detection/prevention systems. Ensure ongoing compliance with ISO 27001, PCI-DSS, and other relevant regulatory standards. Drive a proactive approach to incident response, monitoring, and continuous threat detection. Oversee audit readiness and maintain comprehensive network documentation and asset inventories. People & Stakeholder Leadership Build, develop, and mentor a high-performing … WAN, firewalls, and network segmentation. Experience managing Cisco and Juniper network technologies, including Cisco IOS/NX-OS and JunOS platforms. Strong background in network monitoring, capacity management, and incident response. Hands-on experience with network security frameworks, firewall configuration (Cisco ASA, Palo Alto, Fortinet, etc.), and telephony (SIP/VoIP) systems. Familiarity with cloud and hybrid
City of London, London, United Kingdom Hybrid / WFH Options
TECEZE
tailored to SMB/MSP needs. Service delivery leadership: Define and enforce service delivery frameworks, SLAs, and operational playbooks; ensure seamless transition from presales to delivery; oversee service continuity, incident management, change control, and problem management. Platform and technology scope: Digital workplace services (end-user devices, collaboration tools, unified communications, remote/mobile workforce enablement); infrastructure and network (LAN … WAN, data-center design, virtualization, storage, backup); cloud and datacenter (IaaS/PaaS, public, private, hybrid architectures; migration and modernization); cybersecurity (identity, endpoints, network, identity & access management, threat detection, incident response); application support and managed services for critical business applications. Security and compliance: Build security-by-design into solution proposals; incorporate best practices for data protection, vulnerability management … WAN, SD-WAN), cloud connectivity. Cloud and Datacenter: IaaS/PaaS migrations, cloud governance, hybrid architectures, cloud security. Cybersecurity: threat prevention/detection, IAM, endpoint protection, SOC-oriented operations, incident response planning. Solution architecture and proposal skills: ability to translate business needs into standardized reference architectures, bill of materials, and delivery plans; fluent in cost models and ROI
london (city of london), south east england, united kingdom
Attribution Search
maintain automated tools to support system deployments, monitoring, alerting, and operational workflows. Monitor health of trading systems with a goal of proactive failure prevention. Take ownership of, and improve incident response, root cause analysis, and blameless post-mortems. Partner with developers to build scalable, testable, and efficient deployment pipelines. Collaborate with trading, operations, and quant teams, as well … Experience Required: 3+ years’ experience in a production-facing engineering or reliability role within financial services or another high-availability technology environment. Strong track record in automation, monitoring, and incident response for distributed or mission-critical systems. Proficiency in scripting and systems programming. Hands-on experience with configuration management, containerisation, and orchestration tools. Tech Stack + Tools: Programming
london (city of london), south east england, united kingdom
Broadgate
Data Protection Impact Assessments (DPIAs) for high-risk processing activities. Managing third-party vendor data protection risk, from initial due diligence through to ongoing monitoring. Overseeing personal data breach incident response, ensuring timely containment, investigation, and reporting. Monitoring and maintaining data retention processes, ensuring compliance with legal, regulatory, and business requirements. This role offers the opportunity to work … in data protection and privacy compliance (e.g. GDPR or equivalent frameworks). Strong understanding of data protection risk assessment and mitigation processes. Proven experience in data breach management and incident response coordination. Desirable Skills and Attributes Collaboratively curious — keen to engage with colleagues to find pragmatic, compliant solutions. Trustworthy and ethically minded, with a strong sense of responsibility.
london (city of london), south east england, united kingdom
La Fosse
Major Incident Manager Location: London (1 day per week) Rate: £450 per day Term: Initial 3 months. This is your opportunity to lead when it matters most. If you thrive in high-stakes environments and know how to bring calm, clarity and control to complex technical incidents, this role puts you at the centre of service continuity for a … regulated, always-on digital business. You’ll lead the Major Incident Management function, working with internal and external teams to protect critical services and minimise disruption. You’ll be the single point of accountability during major incidents, coordinating response teams, managing communications, and ensuring swift recovery. Your decisions will directly impact operational resilience, customer trust and regulatory compliance. … What you’ll be responsible for Lead all Priority 1 and high-severity Priority 2 incidents across business-critical systems Act as Incident Commander, driving triage, escalation, resolution and stakeholder updates Run real-time war rooms, coordinating cross-functional teams under pressure Ensure accurate documentation in ITSM tools such as ServiceNow Monitor incident KPIs including MTTR, SLA compliance
london (city of london), south east england, united kingdom
BW: Workplace Experts
IT service desk and field support function, ensuring every employee receives rapid, expert help with the hardware, software, networks, and security controls they rely on. Key Responsibilities Service Desk & Incident Control Operate a friendly and professional helpdesk: monitor tickets, calls and walk-ups. Triage, troubleshoot, resolve or assign cases promptly. Coordinate major incident response, keeping users informed … until full closure and post-incident review. Customer Satisfaction Proactively follow up on tickets and CSAT surveys. Analyse service trends against SLA targets. Drive corrective actions that protect and improve the user experience. Systems & Networks Build, patch and support Windows laptops, macOS devices, iOS/iPadOS mobiles and tablets via Intune/Autopilot/Kandji. Provide support for switching … VPN, hardware, OS, and basic LAN/WAN faults. Cybersecurity Oversight Enforce MFA, conditional access, vulnerability patching and CIS-aligned baselines. Run phishing simulations, incident playbooks and device-compliance audits. Collaborate with the IT Manager on threat monitoring, investigations and ISO 27001 compliance. Ensure alignment with BW’s commitment to Cyber Essentials Plus and information security best practice. Change
our company's security strategy, ensuring robust protection for both our assets and those of our clients. This division oversees all aspects of information security, from policy development to incident response. Our Global Security Services and Automation team excels in gathering diverse security requirements from clients and delivering top-tier security infrastructure, tools, and operations at scale. The Security … and recommendations Developing and presenting scalable security solutions and services that meet client needs Collaborating with internal teams to ensure client security requirements are integrated into service delivery Leading incident response efforts and conducting post-incident analysis to prevent future occurrences Organizing tabletop exercises with both clients and our teams Required profile: Ability to engage confidently with
and container services (ACI, AKS). Proficient in Azure Monitor, Log Analytics, Application Insights, cost management and optimisation, resource tagging strategies, and maintaining platform availability through proactive monitoring and incident response. Infrastructure as Code (Terraform) - Strong working knowledge of Terraform for provisioning and managing Azure infrastructure including writing and maintaining Terraform modules for Azure resources and implementing infrastructure changes … backup vault management. Understanding of high availability architectures using Availability Zones, Azure Load Balancer, Azure Application Gateway, VM Scale Sets, and conducting DR tests to ensure business continuity. Collaboration & Incident Response - Strong team player with experience working across DevOps, infrastructure, security, and development teams. Skilled in incident management and managing status dashboards, coordinating platform incidents, documenting runbooks … creating standard operating procedures, and contributing to post-incident reviews with focus on continuous improvement and platform resilience. If you align to the key requirements then please apply with an updated CV.