Incident Response Jobs in Central London

1 to 25 of 33 Incident Response Jobs in Central London

Incident Response Assistant Manager

City of London, London, United Kingdom
LT Harper - Cyber Security Recruitment
Incident Response Assistant Manager (Client facing) Hybrid/flexible on location - London, Manchester, Birmingham, etc. £50k – £60k A global Risk consultancy is looking for Strong Incident Response professionals to join their Cyber Response Team, within an area of huge growth and investment. This is an excellent opportunity for exposure and growth! If you’re looking … for the next step in your incident response career, we’d love to talk to you. Day to day Responsibilities of an Incident Response Assistant Manager Manage cyber security incidents for clients, including digital forensics of relevant data Act as an advisor to clients on current cyber threats Liaise with clients on delivery and implementation Requirements … for an Incident Response Assistant Manager Broad knowledge and understanding across the cyber security landscape to be able to act as an advisor on the threat landscape Strong technical background (networks and programming knowledge) Proven experience working within Incident management and response Excellent communication both written and verbal. Incident Management Certifications are not necessary but

Incident Response Lawyer

City of London, London, United Kingdom
Iceberg
We are representing a consultancy that are a leader in the Cyber Security and Incident response space. If you have experience leading the legal aspects of Data Breach case this could be the role for you. This role is open to any of the multiple offices my client has across the UK. The client is looking for a … Principal Associate to support and shape the delivery of expert incident response, digital risk, and cyber advisory services for a broad portfolio of global clients, from tech innovators and major insurers to public sector bodies and emergency services. This award-winning cyber group is uniquely positioned at the intersection of law, digital forensics, and strategic response. With capabilities … that span incident response, regulatory strategy, privacy law, threat intelligence, security controls, and tech litigation, they’re rewriting how legal support is delivered in high-pressure digital environments. What You’ll Be Doing You’ll play a critical role across matters ranging from real-time cyber incidents to regulatory investigations, and ongoing advisory support. Key responsibilities include: Leading

Senior Security Operations Analyst

City of London, London, United Kingdom
SRG Network
Senior Security Operations Analyst to join a global security operations and incident response team based in London. In this highly critical role, the Senior Security Operations Analyst will be responsible for monitoring and analysing security incidents, responding to threats in real-time, and ensuring the integrity of all systems and platforms. Your expertise will help identify vulnerabilities and … other security technologies. Creating detection use cases in the SIEM, analysing security event data for proactive threat hunting, and conducting research on the latest threats and vulnerabilities to enhance incident response readiness and capabilities. Responding to security incidents, performing initial analysis and escalation as necessary. Participating in incident response planning and execution, ensuring timely containment and … remediation of security breaches. Researching and analysing emerging threats and vulnerabilities to adapt security measures accordingly. Documenting security incidents, identifying gaps from incidents and recommending improvements, developing and maintaining incident response plans and SOPs. Preparing detailed reports for stakeholders on security incidents and trends. Working closely with cross functional technical teams to ensure the security of systems and

Operational Resilience - 12 month Contract

City of London, London, United Kingdom
MW Recruitment Limited
or privacy incidents. Identify and implement recovery operations to maintain critical services and ensure organisational resilience during incidents. Maintain and update the Business Continuity Policy, Business Continuity Plan, and Incident Response Policy to ensure they remain current and effective. Develop Incident Response checklist, playbooks, communication plans Act as a primary contact for incident response … in Business Continuity, Operational Resilience, and Risk Management within a regulated environment. Familiarity with ISO 22301 and resilience regulatory requirements (FCA/PRA or equivalent). Proven experience in incident response, business impact assessments, and continuity planning. Excellent communication and stakeholder management skills, with the ability to engage at all levels.

Senior SOC Analyst x 2

City, London, United Kingdom
Hybrid / WFH Options
Morson Talent
SOC Analysts to join their Security Operations Centre. This is an excellent opportunity for an experienced SOC professional to step into a senior role, leading on complex investigations and incident response within a high-profile environment. The Role - The Senior SOC Analyst will act as the technical expert within the SOC, responsible for handling escalations from Tier … and Tier 2 analysts and managing the most complex security incidents. You will lead deep-dive investigations, improve detection and response processes, and play a key role in stakeholder engagement. Key responsibilities include: Analysing advanced security incidents, determining root cause and attack paths. Leading incident response activities across SIEM, EDR/XDR, networks, and cloud platforms. Producing … clear, business-focused incident reports and updates for senior stakeholders. Advising on SOC tooling and ensuring effective integration of incident response requirements. Supporting security exercises, crisis response, and compliance alignment with industry frameworks. Candidate Profile - The successful candidate will bring: Significant experience in SOC operations and cyber incident response. Strong knowledge of adversary TTPs and
Employment Type: Contract
Rate: GBP 615 Daily

SOC consultant- Sentinel

City of London, London, United Kingdom
HCLTech
on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems … scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and contextualize alerts within the OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM

Lead Site Reliability Engineer

City of London, London, United Kingdom
TechNET IT Recruitment Ltd
delivers logs, metrics, traces, and security monitoring — cutting costs by up to 70% while boosting efficiency. They are looking for a Lead SRE to own and elevate our Alerting & Incident Management platform. You’ll be the driving force behind reliability, customer satisfaction, and product excellence — ensuring smooth alert management, fewer engineering interruptions, and a best-in-class incident response experience. This role blends technical depth, customer impact, and product strategy — perfect for someone who thrives at the intersection of engineering, incident response, and product innovation. What You’ll Do Champion customer experience by speeding up alert resolution and reducing interruptions for engineers. Build solutions to common pain points, shaping roadmaps, documentation, and technical knowledge. … Develop benchmarking tools to improve performance, reliability, and scalability. Stay ahead of incident management trends to drive new workflows and product improvements. Mentor teams and lead with clear, impactful communication. What We’re Looking For 5+ years in software engineering, DevTools, or infrastructure. Strong expertise in incident management, alert routing, and large-scale orchestration. SaaS or incident

Senior Security Operations Analyst SOC

Central London, London, United Kingdom
Hybrid / WFH Options
Client Server
incidents using SIEM tools (Splunk) to create detection use cases, analyse security event data for proactive threat hunting and conduct research on the latest threats and vulnerabilities to enhance incident response readiness and capabilities. Location/WFH: You'll join the team in brand new Central London based offices three days a week with flexibility to work from … home the other two days. About you: You are degree educated in Cyber Security or Computer Science You have strong experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of
Employment Type: Permanent, Work From Home

ServiceNow IRM- Functional Consultant

City of London, London, United Kingdom
HCLTech
Ability to demonstrate any IRM solution and SecOps solutions as and when needed. Knowledge of various modules like Policy Mgmt. Compliance & Audit Mgmt., Vendor Mgmt., Business Continuity Management, Vulnerability Response, Incident Response, Security Dashboard on ServiceNow IRM platform Assess as-is IRM processes for maturity and automation on ServiceNow platform Knowledge of Advance risk management and continuous

ServiceNow IRM Architect

City of London, London, United Kingdom
HCLTech
broad range of ServiceNow modules, including but not limited to: Integrated Risk Management (IRM): Policy Management, Compliance & Audit Management, Vendor Risk Management, Business Continuity Management. Security Operations (SecOps): Vulnerability Response, Security Incident Response, Security Dashboards. IT Service Management (ITSM). IT Operations Management (ITOM). Customer Service Management (CSM). Integration Design: Design and oversee the implementation

Azure Security Engineer - Sentinel, Defender, Purview

City of London, London, United Kingdom
Apsley Recruitment Ltd
Governance setups Implement Data Loss Prevention (DLP) and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with SOC and managed Sentinel provider on incident handling Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance Manager Maintain security documentation and assist in audit preparation Configure … insider risk management, audit, and eDiscovery capabilities Track Secure Score and recommend improvements Configure monitoring and alerts using Microsoft tools (Sentinel, Defender) Participate in incident response and post-incident reviews Contribute to the development of business continuity and disaster recovery plans Track KPIs and generate reports using Microsoft compliance and security solutions Work closely with DevOps, infrastructure
Employment Type: Permanent
Salary: £65,000

SOC Solutions Engineer

City of London, London, United Kingdom
Hybrid / WFH Options
Anson Mccade
Benefits Clearance: Must hold or be eligible for SC Clearance Sponsorship: Not available We're seeking a highly skilled SOC Solutions Engineer to enhance security operations and strengthen detection & response strategies. This is a hands-on engineering role focused on IBM QRadar, playbook automation, and advanced threat modelling to deliver cutting-edge security solutions. What you'll do: SIEM … Engineering & Management: Deploy, configure, and optimise QRadar. Onboard log sources from cloud/on-prem environments. Build detection and anomaly rules. Playbook Development & Automation: Design and implement automated response playbooks (phishing, lateral movement, exfiltration) with SOAR tools (e.g., Logic Apps, XSOAR). Threat Detection & Response: Investigate alerts, enrich detection logic with threat intel, coordinate incident response. Threat … in IT security (SOC/NOC environment preferred). Strong knowledge of log parsing, SIEM query languages (KQL, SPL, AQL), and automation with Python/PowerShell. Deep understanding of incident response, threat detection, and frameworks (MITRE, NIST, CIS). Knowledge of vulnerability scanning, penetration testing, and network traffic analysis. Familiarity with ITIL processes (Incident, Problem, Change).
Employment Type: Permanent, Work From Home

Principal Security Analyst (MSSP)

City of London, London, United Kingdom
Hybrid / WFH Options
Copello
Principal Security Analyst will support busy pods on more complex issues, lead and coordinate threat hunting activities, perform and lead vulnerability assessment activities and perform SIEM-based event analysis, incident triage and coordinate incident response activities. Furthermore, the Principal Security Analyst will actively collaborate with other analysts and enhance the team's effectiveness through ownership of relevant issues
Employment Type: Permanent, Work From Home
Salary: £95,000

Information Security Officer

City of London, London, United Kingdom
Hybrid / WFH Options
Stack Recruitment
The company also offers direct payment and settlement solutions for travel operators. 🔍 What You’ll Do 🕵️‍♂️ Monitor & Detect: Continuously monitor network traffic, system logs, and alerts for suspicious activity. 🚨 Incident Response: Act as first responder to security incidents, investigate breaches, and contain threats. 🔍 Vulnerability Management: Conduct regular assessments and penetration tests to identify and resolve weaknesses. 🔐 Security Implementation

SOC Solution Engineer

City of London, London, United Kingdom
Anson McCade
and resilience. Collaborating with security analysts, engineers, and stakeholders to ensure seamless integration of tools and workflows. Leading technical discussions and providing guidance on best practices for threat detection, incident response, and log management. Supporting pre-sales engagements with technical expertise and solution design input. Staying ahead of emerging threats and technologies to continuously improve SOC capabilities. … What You’ll Bring: Strong experience in designing and implementing SOC platforms (e.g., SIEM, SOAR, EDR). Deep understanding of security operations workflows, threat intelligence, and incident response. Hands-on experience with tools like Splunk, Sentinel, QRadar, or similar. Ability to engage with both technical and non-technical stakeholders. Familiarity with cloud environments (Azure, AWS, GCP) and hybrid architectures.

Head of Cyber Security

City of London, London, United Kingdom
Hybrid / WFH Options
Qurated
cyber security strategy across IT Security, Cyber Security, and Information Security. Oversee security controls, risk management, and compliance across cloud and on-prem environments. Manage threat detection, monitoring, and incident response using Microsoft Defender, Sentinel, and Entra ID. Lead identity & access management (IAM) and ensure secure authentication processes. Support M&A security assessments and integrations, ensuring due diligence.

Entry-Level Cybersecurity Analyst

City of London, London, England, United Kingdom
Hybrid / WFH Options
How to Job Ltd
trends and best practices. Qualifications: •Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. •Basic knowledge of cybersecurity principles, including threat detection, risk management, and incident response. •Familiarity with security tools like SIEM systems, firewalls, or endpoint protection is a plus. •Strong analytical and problem-solving skills. •Excellent communication skills with the ability to explain
Employment Type: Full-Time
Salary: £35,000 - £42,000 per annum, Negotiable

Cyber Insight Analyst

City, London, United Kingdom
Morson Talent
their global Cyber Insights & Analytics team. This is a hands-on role where you'll transform diverse data sources, ranging from policy and claims to cyber threat intelligence and incident response, into actionable insights that strengthen our underwriting decisions and frameworks. With their data strategy making strong progress, this is an exciting opportunity for someone with a few
Employment Type: Permanent
Salary: GBP 45,000 - 55,000 Annual

Cyber Insight Analyst

City of London, Lime Street, United Kingdom
Morson Talent
their global Cyber Insights & Analytics team. This is a hands-on role where you’ll transform diverse data sources, ranging from policy and claims to cyber threat intelligence and incident response, into actionable insights that strengthen our underwriting decisions and frameworks. With their data strategy making strong progress, this is an exciting opportunity for someone with a few
Employment Type: Permanent
Salary: £45000 - £55000/annum 20% Bonus

IT Security and Resilience Specialist

City of London, London, United Kingdom
Slaughter and May
security posture and external security rating. Identify vulnerabilities in hardware and software to be remediated by Engineering\Operations teams. Understand current and emerging security threats. Assist and lead in Incident Response investigations and mitigation. Evaluate, test and recommend security enhancements. Support CE+ accreditation Identify security risks and exposures, determine the cause of security violations and suggest procedures to

Penetration Testing / Red Team Lead

City of London, London, United Kingdom
Hybrid / WFH Options
Deerfoot Recruitment Solutions
testing, and ethical hacking engagements Plan and deliver cyber attack simulations, vulnerability assessments, and social engineering tests Work with SOC teams on purple team exercises to enhance detection and response Produce executive reporting on cyber threats, risks, and remediation progress Collaborate with security and infrastructure teams to strengthen overall cyber resilience Skills & Experience 3+ years in penetration testing/… ethical hacking/red teaming Strong understanding of cyber threats, APTs, threat actor tactics, and exploit development Familiar with SIEM, defensive security monitoring, incident response, and detection engineering Deep knowledge of network, web application, and enterprise architecture security Excellent communication skills to present cyber risk insights to stakeholders Hybrid working model - 3 days in the London office. Competitive
Employment Type: Permanent, Work From Home

Information Technology Security Analyst

City of London, London, United Kingdom
InterQuest Group
experience of working with Microsoft Sentinel, Defender and Purview • Excellent understanding of security frameworks (NIST and Cyber Essentials) • Ability to lead and manage third party providers • Strong understanding of incident response processes and methodologies including leading and managing incidents • Lead on root cause analysis, providing relevant documentation including recommendations • Demonstrable experience of implementing a robust and trustworthy security

Solutions Deliver Consultant

City Of London, England, United Kingdom
RDA Placements Limited
validation, and regulatory obligations. Support AI governance frameworks ensuring ethical, explainable, and compliant use of AI across financial services. Digital Operational Resilience (DORA) Deliver gap assessments, compliance roadmaps, and incident response readiness programmes aligned to the EU Digital Operational Resilience Act (DORA). Advise financial institutions on resilience testing, regulatory reporting, and ICT risk management. Support the integration

Solutions Delivery Consultant

City, London, United Kingdom
RDA Placements Limited
validation, and regulatory obligations. Support AI governance frameworks ensuring ethical, explainable, and compliant use of AI across financial services. Digital Operational Resilience (DORA) Deliver gap assessments, compliance roadmaps, and incident response readiness programmes aligned to the EU Digital Operational Resilience Act (DORA). Advise financial institutions on resilience testing, regulatory reporting, and ICT risk management. Support the integration
Employment Type: Permanent
Salary: GBP 83,000 - 90,000 Annual

CLASS UNDERWRITER: CYBER

City of London, London, United Kingdom
Santam Syndicate 1918
Commercial awareness with a track record of delivering profitable portfolio growth. Confident communicator with strong broker relationships and market presence. Familiarity with cyber risk scoring tools, pricing models, and incident response frameworks. Professional qualifications such as ACII, or relevant technical certifications (e.g. CISSP) are an advantage. Experience working in a Lloyd’s, MGA cyber underwriting environment. Exposure to

Incident Response, Central London
10th Percentile: £47,500
25th Percentile: £55,250
Median: £75,000
75th Percentile: £82,500
90th Percentile: £92,500